Global settings

Global settings can only be changed as administrator or expert!

General settings

Default language

Here you can select the language in which the application should be displayed by default.
Each user can however choose the language he wants to use by default via the flag symbol, top right.

Organizational form

Here you can determine whether companies are more function-oriented (purchasing, production, sales, etc) or process-oriented.

Design settings

Through these settings, the appearance of HITGuard can be customized to your needs. All settings are only effective after clicking on "Save" at the bottom of the page. Some settings are only visible after the page has been reloaded.

Base color: Affects elements that are green by default (e.g. "save" button and load bar).
Report color: This can be used to change the color used for reports.
Tab icon: Determines the icon that is displayed in browser tabs. An .ico file must be used for the tab icon. Caution: In order to upload, the image must not exceed 16px in height and width.
Report logo cover page: This can be used to set an image that will be displayed on the cover page of reports in its original size. The report logo for the cover page can be reset via the button to the right of the preview. Caution: In order to upload, this image must not exceed 690px in width and 264px in height.
Report logo page header: This can be used to set an image that will be displayed in the right corner of page headers of reports in its original size. The report logo for the page header can be reset via the button to the right of the preview. Caution: In order to upload, this image must not exceed 55px in width and 31px in height.
Button colors: The colors set here affect their respective buttons.

The "Reset design" button can be used to reset the design settings back to the original ones.

Lightweight Directory Access Protocol (LDAP)

This setting activates the LDAP integration.

This allows users to log in using their Active Directory credentials.

Automatic user creation: This option allows you to load user information from an Active Directory at first login.
This saves you the work of recreating all users in HITGuard. Only user roles have to be assigned to the users.

Local login deactivated: If LDAP integration is activated, the local logon can be deactivated. This means that users can only log on to the system using their LDAP logon data. If both logon modes (LDAP and Local) are activated, users can log on to the system with their LDAP as well as with their local logon credentials. For more information on this, see login options.

If the LDAP integration is activated, you have to specify the domain and the root container of your Active Directory.

E-mail settings

Here, the settings for the automatic mailing are made. The sender's address as well as the SMTP server can be configured.

If you want, then change the settings for the mailing to a company address, or ideally for test purposes to the address of a resource mailbox, as you need to provide the password here. If you do not use an e-mail account of your own but the one provided by TogetherSecure, the sender address needs to end in @hitguard.at.

You can choose a separate e-mail address for each management system (see Management system e-mail).

It is possible to configure if new users should receive a welcome e-mail and if they should receive an e-mail when they are assigned to a team.

User selection field

Here, you can set which information will be shown when selecting a responsible person.
For example, it can be shown from which company and department a user is.

Optional properties of measures

This can be used to configure which options should be activated by default when creating management systems.
Under "Administration → Management systems" it is possible to configure these options individually for each management system.
This has an effect on the creation of measures in the respective management systems.

Impact and Effort:

Effort describes how many resources, personnel, monetary, time, etc. are required to implement a measure
For this purpose, so-called Effort classes can be defined under "Measures → Settings → Effort classes".

The impact describes how high the risk or how strong the impact on business processes is.
For this purpose, so-called Impact classes can be defined under "Measures → Settings → Impact classes".

Automatic determination of deadline:

If activated, a default value for the field "Deadline end" is calculated for the task after entering "Effort", "Effect" and "Start of deadline".
The "Matrix for determining deadlines", which is managed in the administration, serves as the basis for calculation.
This should enable a neutral and as objective as possible determination of the implementation duration.

"Impact and Effort" must be activated for this.

Mentioned deadline:

Enables the entry of a "Mentioned deadline". This can deviate from the "deadline" date and dates the day by which the person responsible is expected to have implemented the task.
If activated, the entry of a mentioned deadline is also expected from the person responsible in progress messages.

If activated, entering mentioned deadline will be mandatory.

Delayed:

This allows measures to be marked as "postponed". If the "mentioned deadline" of a measure is changed afterwards, HITGuard supports this by suggesting to mark the measure as "postponed".

Risk reduction:

If a measure was implemented in parts and thus a reduction of the assigned risk took place,
so the indicator "risk reduction" can be set for the measure. The indicator is automatically removed again in the next analysis period.

KO criteria:

Herewith measures can be marked as critical.
They are shown separately in reports.

Newly planned:

Allows you to reschedule the task. If the task is marked as "newly planned" and the deadline for the task is changed, the traffic light for this task is reset to green.

Info e-mail when measures are assigned:

If enabled, a "Measure [Measure ID] has been assigned to you" e-mail will be sent to the measure owner(s) when owner(s) are entered or changed and the measure is open OR when the measure is reset to open from another status.

Report progress actively:

This makes the button "Report Progress" available under "My Task → Action Status". This allows users to independently submit a progress report for their tasks. (without explicitly requesting a progress report for this task).

Corrective & improvement measure

If activated, measures can be marked as corrective and/or improvement measures. These flags can be filtered by in the measure list and will be printed on reports.

Risk management settings

This can be used to configure whether or not the "Private" identifier of threat layers should be set by default.

More information on this can be found at "Risk Management → Risk Assessment → Hazard Situation".

Code generation

Here you can set the default of whether an automatic code should be created for any new elemtents, and for which ones. The structure of the code can also be configured here. The setting is then taken over for all newly created management systems, but it can be changed and adapted directly in the management system itself.

The general prefix is used at the beginning of the code for all selected elements.
The first column allows you to select all elements that are to be generated with an automatic code.
Prefix: a string of letters, digits, or special characters that clearly labels the element (e.g., M for measure). The default entry can be changed.
OrgUnits abbr.: decides whether the element's code also includes the code of the organizational unit. Elements that aren't directly associated with any organizational unit do not have this option activated (e.g., hazard situations or processes).
OrgUnit abbr. suffix: a delimiter between the OrgUnit code and the final digit string (e.g., _ or -).
Minimum precision: the minimum number of digits to be included in the resulting string. At least 1 and at most 10 can be entered. With a number of 4, the resulting strings would be, for example, 0001, 0026, or 0184.