Once you have created an account (either by searching for the Cyberday app from the MS Teams store or via our free trial from the website), you can start setting everything up. In the following paragraphs, we will show you how:
Activating your first framework(s)
Once the information needed for the account setup are filled, you will be taken to the dashboard view and you will see the following pop-up window, from which you can get directly to our framework library by simply clicking the button in the pop-up window:
Our framework library will show you the available frameworks you can choose from. You can also see upcoming frameworks in the library, but for the beginning, let's focus on the available ones to activate your first framework! Simply move the switch in the framework of your choice to the right to activate it.
After you have activated a framework, you will see how many new or extended policies and how many new tasks have been added for you to work with. After the selection of your first framework, you can either go directly to the dashboard to continue your work with the framework or close the window and activate other frameworks, if needed. You can return to the framework library and activate more frameworks at any point.
Set your primary framework
Remember to set your primary framework. This will help you especially, if you have activated several frameworks. You can mark a framework as your primary framework by clicking the star next to its name on your organization dashboard view.
Basic (policy) evaluations
In order to create a basic overview of your current status, we recommend you to start with very basic evaluations of your policies. Navigate to the organization dashboard and click "evaluate" next to a theme of your choice.
After clicking the evaluate button of a theme, you will get to the overview of the different policies within that theme. You can start evaluating one policy after another for the theme now by clicking "evaluate".
Start the evaluation or assign a responsible person for the evaluation of this policy, if it is somebody else than you. When evaluating, include the tasks that you have implemented at least partly. Move the switch to the right to include a task and tell how the current status of the task is. You can choose between
- untreated (automatically selected, if the task has not yet been marked as included)
- not done (if it has been included, but there has nothing been done for the task yet)
- partly done
- mostly done
- fully done
Click "Finish evaluation" in the upper right corner once you are done. Cyberday will then calculate the effects of your evaluation on the compliance and risk level for your framework choice. The more tasks you implement, the lower the risks will be evaluated in your risk register.
You will get an immediate overview of the percentage of how much more compliant you are now and how your risks have decreased. If you evaluate a task as partly, mostly or fully done, you can continue by filling more information about how the task is being carried out in the task card or you can continue with the basic evaluations and return to the tasks assurance information at a later point. In order to work with the tasks, click on "work on this policy".
As you can see from the screenshot below, after the first evaluation, you can see the status of the first policy has changed and so has the compliance level (shown in the graph in the upper right corner). Continue with the other policies to get the full picture of your organization's security level step by step done.
Status vs. assurance
After the evaluations, you can see in the dashboard that the status has changed. Instead of "not evaluated", you can now see if the status of the theme is e.g. weak, medium or strong. However, the assurance will still show "none" until you are working with a task in the task card directly and add assurance. Please check out our other academy articles if you would like to learn more about how to add assurance and what kind of assurance methods are available in Cyberday.
Your compliance report
You can follow your compliance level and access the compliance report at any time from the dashboard. Click "Compliance report" to assess the compliance report or "Framework content" to get further information about your framework reports, tasks and stats.
Remember to update the compliance report data, if you have done some changes to the tasks or e.g. did more evaluations. Simply click "Update data" and wait a short moment. Your updated compliance report will show for you, just like in the following example screenshot.
Questions and feedback
With these steps you'll get a head start to your ISMS work. If you have any further questions, would need another help article or would like to give some feedback? Please contact our team via team@cyberday.ai or the chat box in the right lower corner.