Tip Tuesday: Understanding Custom Assessments in Apptega

Options
nishant.shah
nishant.shah Posts: 13 admin
edited July 11 in Product Discussions

Understanding Custom Assessments in Apptega 

Custom Assessments in Apptega enable organizations to perform tailored evaluations that align with their unique compliance and security objectives. Unlike standard assessments, custom assessments allow users to create customized gap analysis assessments, readiness assessments, and maturity assessments based on an organization specific set of controls, processes, and security standards. This approach supports companies in developing a custom assessment model that matches their operational and regulatory needs. 

 

Custom assessments can be built with custom categories and optional subcategories, providing a detailed structure for assessing program requirements. Users can leverage Assessment Manager to manage these assessments and insights into the organization compliance and security posture. Custom assessments also support risk identification, readiness/gap scoring, evidence documentation, and reports, giving users a comprehensive solution to guide their security and compliance journey. 

 

Building a Custom Assessment 

Follow the guide below to prepare, import, and implement a custom assessment in Apptega: 

 

1. Define Your Assessment Objectives 

Identify the areas and requirements you want the assessment to cover. Consider any internal policies, procedures, regulations, and specific industry standards that should guide the assessment. 

 

2. Compile Assessment Details into the Custom Assessment Template 

Use the following steps to build your assessment to be imported into Apptega: 

  • Name the Assessment: Name the assessment with a name that reflects the focus or purpose of the assessment. This is the name you will see in the Assessment Manager when creating a new instance of the custom assessment. 

  • Create Assessment Questions: Create or define detailed questions that you want to show up in your custom assessment. 

  • Assign Unique Categories and optional Subcategories: Give each category or subcategory a unique name. This will be how your custom assessment is broken up in the platform, allowing for narrowed areas of focus and separation of questions. Users can assign categories and subcategories to users in the platform to allow for different departments or individuals to complete their part of the assessment. 

  • Assign Control/Subcontrol Mappings (Optional):
    • Custom Assessments can be mapped to any framework that is supported in the platform. Subcontrol Mappings allow users to quickly sync (Score Program button in the platform) all assessment data into a framework program for continuous compliance and ongoing management. Question responses can be setup to auto score framework subcontrols. Notes, Recommendations, Documentation, and Risks will sync to the framework program when score program is clicked. 
    • A list of frameworks offered can be found in the Build section of the platform. If you do not see the framework (Controls and Subcontrols) you wish to map to your custom assessment questions a Custom Framework can be built and imported to the platform (Refer to the Custom Framework Article [Add Article Link Here] for more details). 

  • Assign Question Response Types: Assign a response type to each question to allow users to respond to each question in the custom assessment. Apptega has standard response types that you can use in your custom assessment. If you do not see the standard response type you are looking for in the list below, you can define your own in the import template. The Apptega support team will work with you to implement your response options to your custom assessment. 
    • Yes/No/Partially/Not Applicable 
    • Met/Not Met/Partially Met/ Not Applicable 
    • Implemented/Partially Implemented/Alternative Implementation/Not Implemented/Not Applicable 
    • 0-5 Scale 
    • Multiple Choice (you define the response options) 
    • Free-Text (Text Field) 


3. Submit for Import 

After preparing your custom assessment, verify that the file format aligns with import template requirements. Contact Apptega support through the platform or by email to start the import process. 

4. Review and Validate the Imported Assessment 

Once the assessment is imported review the content and test the functionality by selecting responses, attaching evidence, adding notes/recommendations, and linking risks where applicable. If any issues occur, reach out to the Apptega support team. 

 

Conclusion 

Creating custom assessments in Apptega enables organizations to address unique security and compliance needs in a structured, efficient way. With features for risk identification, evidence management, readiness scoring, and more, custom assessments enable a clear path for organizations progressing toward compliance. If you need help at any point in the process, Apptega’s support team is always available to assist you. We are committed to ensuring that your organization’s compliance framework and assessment is comprehensive, effective, and tailored to meet your needs. 

CustomAssessmentImportTemplate.xlsx.zip
Tagged:

Categories