Our compliance dashboard gives you oversight on the status of assigned compliance tasks. The extended view (for Administrators) shows the status of Governance, Data Subject Access Requests, Breaches and Data Mapping. You will be able to assign responsibility to entire compliance areas or just specific tasks.
You can set review dates and we'll automatically remind all parties by sending out notifications about pending tasks and upcoming deadlines. In addition to notes and status updates, you can now upload documents against each task. The new functionality also enables you to add your own customised compliance sections and subsections. Let’s get started…
ADD A NEW COMPLIANCE SECTION
Should you need to add your own GDPR-relevant compliance sections, simply go to Compliance on the home page and click Add New
In the example below we are adding the main section called, Fraud Detection & Prevention with the 2 subsections, Anti Money Laundering and Know Your Customer. The subsections are the actual checklists and these must be populated. If you don’t add subsections, the main section becomes the checklist.
Do you need to edit a section name? Simply click on ‘Edit compliance section’
The existing roles remain – i.e. Administrator, who has all access, or Compliance User who only has access to those Compliance sections which have been assigned. There is a new role called Task Owner – when a Task Owner logs in, he or she will only see tasks which have been assigned and will not have access to compliance sections.
HINT to Administrators – when a Compliance User is added in the Compliance sections, you should complete that user’s telephone contact details under Organisation / Users. Only users with the Administrator role will now count towards the maximum number of users for the organisation’s account.
CUSTOMISING THE CHECKLIST
A ‘person responsible’ could be an Administrator or a Compliance User. Select the ‘person responsible’ for the section or subsection. If the person responsible does not exist in the list, add the person by clicking on the white cross in the green circle. Any users added at this level are automatically assigned the role of Compliance User. Administrators may add Compliance Users and Task Owners to any section while Compliance Users may only add Compliance Users and Task Owners to sections where they are responsible. (The red x is used to clear the person currently occupying the position).
Now start adding individual checklist items – by clicking ‘Add new item’ or use the CSV template to import multiple items.
HINT – in the CSV, use column A for the checklist item and insert the risk level in column B. Ensure that there are no commas in the upload sheet. ‘H’ for High Risk; ‘M’ for Risk; ‘L’ for Low Risk.
ASSIGN COMPLIANCE SECTIONS OR TASKS
By default, when the new functionality was introduced, the organisation’s primary Administrator (see Users, under Organisation) was set as the person responsible for all sections.
When the person responsible is manually set for a section, the same user will be set as the person responsible for all subsections of that section – IF, of course, a person responsible has not already been set for a subsection. It’s still good practice however, to check whether all sections have a person responsible assigned.
You may also assign responsibility to specific tasks and set a review cycle to automatically remind all parties of tasks that are pending review. Any users added at this level are automatically assigned the role of Task Owner. By default, persons responsible for sections and subsections are task owners for those sections.
In the example below, the task has been assigned to Polly Anna without any review cycle having being set. If, I her response, she sets the status to either Complete or N/A, the task will be considered has been completed. If, subsequently, the status is changed to Not started or In progress, the item will be considered as ‘pending review’.
In the example below, the task has been assigned to Polly Anna, is due on 30 September, 2019 and must be reviewed by the person responsible, every 6 months.
Set for all will set the same review cycle for all checklist items in that section. Remove will remove the review for that particular task. A red bell indicates that a task is past due.
Where tasks have been assigned:
Each night (at 01:00 GMT) task assignees will be notified of tasks due the next day.
Every Friday morning, task assignees will be sent a summary of tasks due in the next 7 days
Notifications to Persons Responsible:
Every Friday morning, persons responsible will be sent a summary of tasks due in the next 7 days
NOTES & FILES
In addition to notes and status updates you can now upload documents against each task. Click the page icon to the right of each checklist item to view and add notes and documents. If the icon is grey it means there are no notes or documents. A black icon indicates that notes and/or documents have been added.
Click the dashboard icon in our new left-hand side navigation bar or select Dashboard in the top right navigation bar. An Administrator can see the entire dashboard, a Compliance User can see the ‘Task Status’ view and the Task Owner can only see his/her assigned tasks.
Task Status Section
There are 3 viewing options – by Responsible Person, Task Owner or Section. Hover over any section to see the count of items by status. In the ‘By Section’ option, click on any bar to go to that section. Note the option to include assigned items, unassigned items or both.
Remainder of the dashboard
The rest of the dashboard is available to Administrators and includes the status of:
Processor contracts (Contracts Expiring = all signed and uploaded contracts expiring in the next 30 days. Valid Contract is a signed and uploaded contract NOT expiring in the next 30 days)
Data sharing agreements
Data Subject Access Requests
Note, the following items will be removed from the existing Notifications:
Of an outstanding compliance assignment
To do a complete compliance review