Hauptseite/en: Unterschied zwischen den Versionen

Welcome to HITGuard Help!

HITGuard offers you comprehensive support in managing and monitoring your risks and compliance requirements. In the menu navigation of HITGuard you will find various modules that support you in meeting your IT governance, risk management and compliance requirements.

This user help provides you with detailed information on how to use each of the HITGuard modules and describes the contents of the entire available menu.

We have designed this user help to be useful for beginners and experienced users alike. If you have any questions or need help, our support team will be happy to assist you if you contact us under support@hitguard.at.

We hope that this user guide will help you to get the most out of HITGuard. Thank you for choosing our solution!

Find the help pages for all possible menu items of the individual modules here:

The Risk management, Measures, and Controls, as well as Administration are always available in HITGuard and form the basis of the tool:

There are various extensions for HITGuard in order to cover further use cases.

Under How To Start you find the first steps for implementing a management system and for all the add-ons.

The screenshot gives information about the various areas of the HITGuard interface. In the top left corner you find the profile area of the logged-in user and below it the main menu. A click onto the profile picture takes you to the page Manage account. There, a user can modify their data, update their profile picture, or change the password.

The marked areas in the image show:

1. Intro for the current page: If the current page has an interactive introduction, it can be started via this icon.
2. Collapse/expand menu: With this button, the navigation menu can be collapsed, or expanded again.
3. Switch management system: If the user is authorized for multiple management systems, they can switch between them here. This option is not shown for practitioners or users only authorized for a single management system.
4. Current management tasks, logout, and change language:
   • You receive information about your current management tasks via the envelope.
   • You can configure a page's accessibility with the person-symbol.
   • The flag can be used to switch between English and German.
   • The logout button logs you out.

The menu starts off with the "personal" menu items My tasks and My dashboards. These are follows by the menu items of the individual HITGuard modules. The user only sees those modules they are authorized for. Following the module menu items is the menu item Help.

Under "My tasks" you will find the tasks you have to complete in your role as a practitioner. The menu on the left shows you at a glance if you have any pending tasks (orange number badge). This menu shows all items that are activated in at least one management system.

A click into the My tasks menu opens the Task dashboard. Here, you find a summary of all the tasks pending completion. In addition, clicking on My tasks opens a submenu that lets you view the tasks by type. There, you also find tasks you have already completed. Orange badges show how many taks you need to work on (e.g., requested progress reports or PAs to be reviewed). Blue badges show how many tasks, for which you are also responsible, somebody else needs to work on (e.g., reviews for which you are responsible but not an interview partner).

The states of the different elements are also explained here:

Dashboards are for getting an overview of the management systems by using key performance indicators (KPIs) and for preparing the reports that are needed regularly. By default, each management system has a dashboard for information related to risk management, to measures, and to controls. Data protection management systems also have a dedicated data protection dashboard, case management systems have a case management dashboard, and audit management systems have an audit management dashboard. However, only dashboards, KPIs, and reports for which the user is authorized are displayed.

In order for a user to access a dashboard and the KPIs and reports of the respective section, they need the "Expert", "Professional" or "Observer" role in the respective module. Thus, to view the risk management dashboard, at least the "Professional" role in risk management is required.

Additional dashboards can also be created and configured. It is possible to make these accessible only to oneself by marking them as "private". Dashboards that are not marked as "private" are visible to all authorized members of the management system. Default dashboards, as in dashboards that are delivered with HITGuard by default, can be edited and reset into their original state, but not deleted. They are marked as vendor-specific dashboards with a "tool" icon. Self-created dashboards can be deleted.

Users can mark a dashboard as a favorite in each management system. This dashboard will be ranked first for the user and displayed when the user logs in. To mark it, click the star next to the dashboard configuration.

How to create and edit dashboards as well as information on the KPIs can be found here:

The reports that can be created on dashboards are the same as those in the respective menu items in terms of their content and their report options. The explanations for them are found on the help pages of the reports per menu item.

Reports on dashboards offer the following additional functions:

• Prepare multiple versions of one report: Just like KPIs, reports can be added to dashboards multiple times. The "filter" button allows you to save different configurations of the report options in order to then have access to various iterations of the same type of report at the click of a button.

Example: A risk report called "Risk report - details", with details on measures and control definitions, the overview of the gaps assigned to the risk, and its temporal evolution; so that risk owners can periodically file a detailed status of their risks. And a risk report for the top managers called "Board risk report", containing just a rough overview of the open measures and active controls; for board members to get a grasp on the current risk treatment efforts.

• Set as default report settings: Experts and Professionals can save the option configuration of one report per report type on non-private dashboards (e.g. one risk report or one gross-net-risk report). In doing so, the report is then automatically generated with these settings from index pages (e.g. on the page Risk management → Risk evaluation, where there aren't any report options available). On the report page itself (e.g., Risk management → Reports → Risks → General) the report is also generated with these settings, but users can make individual changes to these settings. The report set as the default is marked with a star on top of the report icon.

Example: user A configures a risk report on the dashboard and sets the settings as default. User B generates a risk report from the overview on the page Risk management → risk evaluation and the contents match the default settings. User C has already adjusted the settings the way they need them on the page Risk management → Reports → Risk → General. Their individual settings are not overwritten by the default. User D is using the page Risk management → Reports → Risk → General for the very first time and sees that the report options are set the same way as defined by User A's default.

Right after the dashboard menu items, you find the module-specific menu items. Which modules are shown here depends on the user's authorizations as well as on the features activated for the management system.

Under this menu item you will find the introduction "Getting started", which gives an introduction to HITGuard's interface.

Under the menu item "Online Help" you will find our help directly integrated in HITGuard.

If there is an info icon in the lower left corner, it can be clicked to start a short introduction to the current page.

The envelope in the upper right corner informs professionals and experts about tasks that have been reported completed and are waiting for completion/review. The tasks always refer to the current management system only. Thre is also a notice if the current analysis period has expired.

In addition, the tasks are only displayed to users who are authorized to edit them. For example, answered processing activities are displayed only to users who are Data Protection professionals or experts and are currently in the Data Protection management system.

The tasks are divided into the following items:

• FAQ

• Glossary

• User profile
• Table functionality and symbols
• Explanation of the various icons and buttons in HITGuard
• Tips, tricks & best practice

• Create/edit audit
• Create/edit audit programs
• Create/edit reviews (create gap analyses/record review results)
• Enter/edit risk
• Create/edit measure
• Create/edit controls
• Request progress reports
• Create/edit externals

• Manage risk policy
• Manage settings of measures and controls
• Create/edit data subject categories
• import Data

• Dataimport/-export Interface

• HITGuard portal for suppliers

• What are the first steps towards implementing a management system in HITGuard?
• Which first steps should I take to start working with the data protection module?
• Which first steps should I take to start working with the audit management module?
• Which first steps should I take to start working with the case management module?
• Which first steps should I take to start working with the doc management?
• Which first steps should I take to start working with the ESG module?
• Which first steps should I take to start working with the supplier risk management?
• How do I activate the various mailings after I've completed my initial tests?

• What does the general workflow for measures look like?
• What does the general workflow for controls look like?
• What does the general workflow for reviews look like?
• What does the general workflow for processing activities look like?
• What does the general workflow for risk and opportunities look like?
• What does the general workflow for tickets look like?
• What does the general doc management workflow look like?
• How should I proceed if I want to perform a protection needs analysis?

Release Notes from the years 2017 and 2018 were directly integrated into the help.

• Login options
• Passkeys
• 2-factor-authentication

• Installation assistance