Auditdurchführung/en: Unterschied zwischen den Versionen
Weitere Optionen
Faha (Diskussion | Beiträge) Die Seite wurde neu angelegt: „__TOC__“ |
Isan (Diskussion | Beiträge) Keine Bearbeitungszusammenfassung |
||
| (5 dazwischenliegende Versionen von 2 Benutzern werden nicht angezeigt) | |||
| Zeile 1: | Zeile 1: | ||
Under "Audit management → Audit execution" you | Under "Audit management → Audit execution" you find all reviews, review objects, gaps, and instances of clarification needed of the current management system. | ||
__TOC__ | __TOC__ | ||
<span id="Überprüfungen"></span> | |||
== Reviews == | == Reviews == | ||
Under "Audit management → Audit execution → <u>Reviews</u> | | Under "Audit management → Audit execution → <u>Reviews</u> | Objects of review | Gaps | Clarification needed" you find all the reviews of the management systems. This includes those reviews related to an audit as well as those that aren't linked. The display of a review is also independent of its state. | ||
It is also possible to create new reviews for audits here. | It is also possible to create new reviews for audits here (gap analyses, review results, and protection needs analyses). | ||
Double-clicking on a review will take you to | Double-clicking on a review will take you to it. | ||
[[Datei:AM Auditdurchfürhung Überprüfungen.png|left|thumb| | [[Datei:AM Auditdurchfürhung Überprüfungen.png|left|thumb|901px|Audit execution > Reviews]] <br clear=all> | ||
More on creating and editing reviews can be found [[Special:MyLanguage/Überprüfung|here]] (gap analyses and review results) as well as [[Special:MyLanguage/Schutzbedarf|here]] (protection needs analyses). | |||
<span id="Prüfobjekte"></span> | |||
== Objects of review == | |||
Under "Audit management → Audit execution → Review | <u>Objects of review</u> | Gaps | Clarification needed", you find all the review objects that were created in the course of reviews in the current management system. | |||
[[Datei:Auditdurchführung_Prüfobjekte.png|left|thumb|901px|Audit execution > Objects of review]] <br clear=all> | |||
Double-clicking on a review object opens the detailed view. Here, you can see how the review object was answered. Likewise, if several versions of the review object are available, you can view how the assessment of the review object has developed from one version to the next. Only the header data of a review object can be edited via this mask. This means that this mask cannot be used to answer a review object. | |||
Furthermore, the semi-automatic revaluation of review objects can be initiated on this page. Find more on this [[Special:MyLanguage/Schwachstellen#Teil-Automatische_Neubewertung_initiieren|here]]. | |||
<span id="Abweichungen"></span> | |||
== Gaps == | |||
Under "Audit management → Audit execution → Reviews | Objects of review | <u>Gaps</u> | Clarification needed", you find all gaps that were identified during the performance of reviews. | |||
[[Datei:Auditdurchführung_Abweichungen.png|left|thumb|900px|Audit execution > Gaps]] <br clear=all> | |||
The optional columns "Measure missing", "Target value missing", "Target value too low" can be used to find out against which gaps nothing or too little has been done. These gaps are tagged in the overview. If a gap does not have a tag, this means that attempts are being made to correct the gap. | |||
You also have the option here to assign gaps to a risk. | |||
Double-clicking on a gap opens the review at the point where the gap was detected. Here, measures and controls for the gap can now be defined. For more information, see [[Special:MyLanguage/Prüffragen_beantworten| Answer review questions]]. | |||
Optionally, it is possible to display a column that shows whether the line is a review question (from a knowledge base) or a review result (freely entered). This allows experts to then expand their self-developed knowledge bases by review results that are often added to reviews during the interview. | |||
<span id="Abweichungen_filtern"></span> | |||
===Filter gaps=== | |||
[[Datei:Abweichungsfilter.png|right|thumb|900px|Abweichungsfilter]] | |||
With the filter, it can be selected which type of gaps is displayed: | |||
*negative: review questions/results that were evaluated < the target score | |||
*none: review questions/results that were evaluated = the target score | |||
*positive: review questions/results that were evaluated > the target score | |||
<span id="Target_Score_Gewichtung"></span> | |||
=== <span id="Target score weighting"></span><span id="Zielreifegrad-Gewichtung"></span>Target score weighting=== | |||
What the target score level is and where it is set can be found under [[Special:MyLanguage/Managementsysteme#Aktiver Analysezeitraum | Management systems]]. | |||
Wherever gaps occur, there is an additional form of sorting: the target score weighting. This is possible, for example, under "Risk management → Vulnerabilities → Gaps". | |||
If activated, the sorting of protection targets is based on the target score weighting. The greater the deviation from the target score level and the greater the weighting of the protection target, the greater the target score weighting: target score weighting = deviation level * weighting of the protection target. | |||
Note: A response of "No" corresponds to score level 1, "Partially" corresponds to score level 3. | |||
Examples for illustration: Protection goal weighting: Mean (3). | |||
*score of deviation = 2, target score = 4 => Degree of deviation = 2, target score weighting = 2 * 3 = 6. | |||
*score of deviation = 4, target score = 4 => degree of deviation = 0, target score weighting = 0 * 3 = 0. | |||
[[Datei:Zielreifegrad Gewichtung anwenden.gif|left|thumb|900px|Apply target score weighting]]<br clear=all> | |||
<span id="Abklärungsbedarf"></span> | |||
== Clarification needed == | |||
Under "Audit Management → Audit execution → Reviews | Objects of review | Gaps| <u>Clarification needed</u>", you find all review questions/review results that were marked with "Clarification needed" in the course of a review. | |||
[[Datei:Auditdurchführung_Abklärungsbedarf.png|left|thumb|900px|Audit execution > Clarification needed]] <br clear=all> | |||
This label is necessary in practice if you cannot yet clarify how the question is to be answered when answering a review question. This can happen if, for example, you would need to consult another person or otherwise research the information. Following a series of reviews, the system evaluates which questions still need to be researched. This is exactly what the "Clarification needed" view is for. | |||
If you double-click on a review question/result, you will be redirected to it. | |||
It is also possible to export a list of all review questions/results requiring clarification via the "Export" button (next to the search bar). This provides an easy-to-use list of the review questions that require clarification. | |||
<!-- | |||
== Overview of measures == | == Overview of measures == | ||
| Zeile 21: | Zeile 90: | ||
[[Datei:AM Auditdurchfürhung Maßnahmenübersicht.png|left|thumb|900px|Overview of measures]] <br clear=all> | [[Datei:AM Auditdurchfürhung Maßnahmenübersicht.png|left|thumb|900px|Overview of measures]] <br clear=all> | ||
--> | |||
Aktuelle Version vom 19. Juni 2023, 07:45 Uhr
Under "Audit management → Audit execution" you find all reviews, review objects, gaps, and instances of clarification needed of the current management system.
Reviews
Under "Audit management → Audit execution → Reviews | Objects of review | Gaps | Clarification needed" you find all the reviews of the management systems. This includes those reviews related to an audit as well as those that aren't linked. The display of a review is also independent of its state.
It is also possible to create new reviews for audits here (gap analyses, review results, and protection needs analyses).
Double-clicking on a review will take you to it.
More on creating and editing reviews can be found here (gap analyses and review results) as well as here (protection needs analyses).
Objects of review
Under "Audit management → Audit execution → Review | Objects of review | Gaps | Clarification needed", you find all the review objects that were created in the course of reviews in the current management system.
Double-clicking on a review object opens the detailed view. Here, you can see how the review object was answered. Likewise, if several versions of the review object are available, you can view how the assessment of the review object has developed from one version to the next. Only the header data of a review object can be edited via this mask. This means that this mask cannot be used to answer a review object.
Furthermore, the semi-automatic revaluation of review objects can be initiated on this page. Find more on this here.
Gaps
Under "Audit management → Audit execution → Reviews | Objects of review | Gaps | Clarification needed", you find all gaps that were identified during the performance of reviews.
The optional columns "Measure missing", "Target value missing", "Target value too low" can be used to find out against which gaps nothing or too little has been done. These gaps are tagged in the overview. If a gap does not have a tag, this means that attempts are being made to correct the gap.
You also have the option here to assign gaps to a risk.
Double-clicking on a gap opens the review at the point where the gap was detected. Here, measures and controls for the gap can now be defined. For more information, see Answer review questions.
Optionally, it is possible to display a column that shows whether the line is a review question (from a knowledge base) or a review result (freely entered). This allows experts to then expand their self-developed knowledge bases by review results that are often added to reviews during the interview.
Filter gaps
With the filter, it can be selected which type of gaps is displayed:
- negative: review questions/results that were evaluated < the target score
- none: review questions/results that were evaluated = the target score
- positive: review questions/results that were evaluated > the target score
Target score weighting
What the target score level is and where it is set can be found under Management systems. Wherever gaps occur, there is an additional form of sorting: the target score weighting. This is possible, for example, under "Risk management → Vulnerabilities → Gaps".
If activated, the sorting of protection targets is based on the target score weighting. The greater the deviation from the target score level and the greater the weighting of the protection target, the greater the target score weighting: target score weighting = deviation level * weighting of the protection target.
Note: A response of "No" corresponds to score level 1, "Partially" corresponds to score level 3.
Examples for illustration: Protection goal weighting: Mean (3).
- score of deviation = 2, target score = 4 => Degree of deviation = 2, target score weighting = 2 * 3 = 6.
- score of deviation = 4, target score = 4 => degree of deviation = 0, target score weighting = 0 * 3 = 0.
Clarification needed
Under "Audit Management → Audit execution → Reviews | Objects of review | Gaps| Clarification needed", you find all review questions/review results that were marked with "Clarification needed" in the course of a review.
This label is necessary in practice if you cannot yet clarify how the question is to be answered when answering a review question. This can happen if, for example, you would need to consult another person or otherwise research the information. Following a series of reviews, the system evaluates which questions still need to be researched. This is exactly what the "Clarification needed" view is for.
If you double-click on a review question/result, you will be redirected to it.
It is also possible to export a list of all review questions/results requiring clarification via the "Export" button (next to the search bar). This provides an easy-to-use list of the review questions that require clarification.