Menü aufrufen
Toggle preferences menu
Persönliches Menü aufrufen
Nicht angemeldet
Ihre IP-Adresse wird öffentlich sichtbar sein, wenn Sie Änderungen vornehmen.

Global settings

Aus HITGuard User Guide
Version vom 17. Mai 2022, 11:25 Uhr von Faha (Diskussion | Beiträge) (Die Seite wurde neu angelegt: „* Activate SwaggerUI :: This option enables the SwaggerUI, which is an interactive description of the REST API. It can be accessed under "/swagger ". This page…“)

Global settings can only be changed as administrator or expert!

General settings

  • Default language
Here you can select the language in which the application should be displayed by default.
Each user can however choose the language he wants to use by default via the flag symbol, top right.
  • Organisational form
Here you can determine whether companies are more function-oriented (purchasing, production, sales, etc) or process-oriented.

Design settings

Through these settings, the appearance of HITGuard can be customized to your needs. All settings are only effective after clicking on "Save" at the bottom of the page. Some settings are only visible after the page has been reloaded.

Design settings


  • Base color:
Affects elements that are green by default (e.g. "save" button and load bar).
  • Tab icon:
Determines the icon that is displayed in browser tabs.
  • Report color:
This can be used to change the color used for reports.
  • Report logo:
This can be used to set an image that will be displayed on the cover page of reports in its original size.
Caution: if the image is too large, headers will be covered.
  • Button colors:
The colors set here affect their respective buttons.

The "Reset design" button can be used to reset the design settings back to the original ones.

Lightweight Directory Access Protocol (LDAP)

LDAP


This setting activates the LDAP integration.

This allows users to log in using their Active Directory credentials.

  • Automatic user creation:
This option allows you to load user information from an Active Directory at first login.
This saves you the work of recreating all users in HITGuard. Only user roles have to be assigned to the users.
  • Local login deactivated:
If LDAP integration is activated, the local logon can be deactivated. This means that users can only log on to the system using their LDAP logon data.
If both logon modes (LDAP and Local) are activated, users can log on to the system with their LDAP as well as with their local logon credentials. For more information on this, see Login options.


If the LDAP integration is activated, you have to specify the domain and the root container of your Active Directory.

Email settings

Here the settings for the automatic mailing are made.

If you want, then change the settings for the mailing to a company address, or for test purposes to the address of a resource mailbox.


You can choose a separate e-mail address for each management system (see Management system e-mail).

It is possible to configure if new users should receive a welcome email and if they should receive an email when they are assigned to a team.


User selection field

Here, you can set which information will be shown when selecting a responsible person.
For example, it can be shown from which company and department a user is.


example user selection


Optional properties of measures

This can be used to configure which options should be activated by default when creating management systems.
Under "Administration → Management systems" it is possible to configure these options individually for each management system.
This has an effect on the creation of measures in the respective management systems.


  • Impact and Effort:
Effort describes how many resources, personnel, monetary, time, etc. are required to implement a measure
For this purpose, so-called Effort classes can be defined under "Measures → Settings → Effort classes".
The impact describes how high the risk or how strong the impact on business processes is.
For this purpose, so-called Impact classes can be defined under "Measures → Settings → Impact classes".
  • Automatic determination of deadline:
If activated, a default value for the field "Deadline end" is calculated for the task after entering "Effort", "Effect" and "Start of deadline".
The "Matrix for determining deadlines", which is managed in the administration, serves as the basis for calculation.
This should enable a neutral and as objective as possible determination of the implementation duration.
"Impact and Effort" must be activated for this.
  • Mentioned deadline:
Enables the entry of a "Mentioned deadline". This can deviate from the "deadline" date and dates the day by which the person responsible is expected to have implemented the task.
If activated, the entry of a mentioned deadline is also expected from the person responsible in progress messages.
If activated entering mentioned deadline will be mandatory.
  • Delayed:
This allows measures to be marked as "postponed". If the "mentioned deadline" of a measure is changed afterwards, HITGuard supports this by suggesting to mark the measure as "postponed".
  • Risk reduction:
If a measure was implemented in parts and thus a reduction of the assigned risk took place,
so the indicator "risk reduction" can be set for the measure. The indicator is automatically removed again in the next analysis period.
  • KO criteria:
Herewith measures can be marked as critical.
They are shown separately in reports.
  • Newly planned:
Allows you to reschedule the task. If the task is marked as "newly planned" and the deadline for the task is changed, the traffic light for this task is reset to green.
  • Info email when measures are assigned:
If enabled, a "Measure [Measure ID] has been assigned to you" email will be sent to the measure owner(s) when owner(s) are entered or changed and the measure is open OR when the measure is reset to open from another status.
  • Report progress actively:
This makes the button "Report Progress" available under "My Task → Action Status". This allows users to independently submit a progress report for their tasks. (without explicitly requesting a progress report for this task).
  • Corrective & improvement action
If activated, measures can be marked as corrective and/or improvement measures. These flags can be filtered by in the action list and will be printed on reports.
  • Action ID generation
If activated, an ID is automatically suggested when new measures are created. This depends on the selected organizational unit (OrgEh) and is structured according to the scheme: [OrgEh abbreviation]_[Sequence number].

Risk management settings

This can be used to configure whether or not the "Private" identifier of threat layers should be set by default.

More information on this can be found at "Risk Management → Risk Assessment → Hazard Situation".


REST API Settings

This section is only visible to administrators and even then only if the REST API is enabled in the configuration file "appsetting.json" via the property: "RestApi": { "Enabled": true}.


  • Activate REST API:
This option enables the REST API endpoints. If this option is disabled, then the REST API will not accept any request.
  • Activate SwaggerUI
This option enables the SwaggerUI, which is an interactive description of the REST API. It can be accessed under "/swagger ". This page is only relevant for developers who want to communicate with the REST API. This option has no effect on the functionality of the REST API. If it is disabled, the REST API will still work if it is enabled.