Updating and Enhancing Organizational Details

Here’s how you can use uploaded data to update and refine your organization's profile efficiently:

1. Review Uploaded Data:
• After uploading your documents in the "Files", navigate away from this page by scrolling up.
• Click on the "Profile" page  in the “Organization” section to view the information.
2. Automatic Data Population:
• Observe that the data from the uploaded files has automatically populated most of the fields under “Organizational Details.”
3. Edit Organizational Details:
• If you spot any inaccuracies or if updates are necessary, click on "Edit" located at the top right corner of the page.

4. Refine Details with AI Assistance:

• As you edit, look for fields marked with little yellow stars.
• Clicking on these stars will prompt the AI to provide suggestions, helping you refine your organizational information effectively.

5. Save Changes:

• Once you have made all necessary modifications, click “Back.”
• Your changes will be automatically saved, ensuring that your organizational profile is updated and accurate.
  

Analyzing Context

1. Access Governance Section:
• Navigate to the menu and scroll to locate the "Governance" section.
2. Open Context Settings:
• Within the Governance section, click on "Context."
3. Use Organization Context Analyzer:
• After uploading your files in the “Organization” section under “Files,” proceed to click on "Organization Context Analyzer." This tool will automatically analyze the files and populate the organization context for you.
4. Edit Organization Context:
• If adjustments are needed, click "Edit" to modify the information manually or utilize the AI-assisted features.

 

 

5. Utilize AI for Enhanced Editing:

• On the editing page, look for yellow stars next to some fields. These stars indicate that AI suggestions are available to assist you in refining the content.

6. Save Your Modifications:

• After making all necessary changes, click on the save icon to ensure that your updates are preserved.

7. Return to Previous Section:

• Once you have completed updating the organization context, click “Back to Context Page” to navigate back to the previous section.
  

Adding Company Departments

To expand and organize your organization's structure by adding new departments, follow these steps:

1. Navigate to the Identify Section:
• Go to the menu on the left side of your screen and locate the "Identify" section.
2. Access Department Settings:
• Click on "Departments" within the Identify section to manage departmental information.
3. Add New Departments:
• To begin adding departments, click on "Add New Departments."

 

 

4. Enter Department Details:

• Fill in the required details for each new department you want to add. Ensure all information is accurate to facilitate effective organization management.

5. Save Your Entries:

• After entering the details, click on "Save" to secure the information and officially add the departments to your organization.

 

Adding and Managing Company Members

Follow these steps to efficiently manage and expand your organization's membership through the Department section:

1. Access Governance:
• Select “Governance” from the main menu.
• Click on “Departments”.
2. Edit Department:
• Find the department to add members to and click the “pen icon” next to it.

 

3. Add Member:

• In the department's page, click on “Add Member”.
• Select “Add New Member”.

 

 

 

4. Enter Member Details:

• Fill in the form with the member’s information.
• Click “Save” to finalize the addition.

5. Verify Addition:

• Ensure the new member appears in the department’s member list.

 

Uploading Your Network Diagram Files

Network diagrams are essential tools for visualizing the layout of your network infrastructure. They help in understanding virtual operations and managing assets efficiently, which is critical for enhancing security. Here’s a step-by-step guide on how to upload your network diagram files or create one if you don’t already have it.

1.    Access the Upload Feature:

·        Navigate to the department section within your system. Look for an “Upload File” button located in the top right corner.

2.    Upload Your File:

·        Click on the “Upload File” button and select your network diagram file from your computer. Make sure the file is in a format that your system supports.

3.    Create a flow chart:

·        If you don’t have one just go create on in any flow chart app (e.g. Draw.io)

·        Then save the image of your flow chart and upload it to the MapleGRC app.

Managing and Adding Assets

Adding and managing your organization's assets can be streamlined with the following steps:

1. Begin by Accessing the Departments Section:
• In the "Departments" section, start managing your assets. Locate the pen icon next to each listed asset to make edits.

2. Utilize the Assets Discovery Assistant:

• On the asset editing page, click on "Assets Discovery Assistant." This AI-powered feature facilitates the process of uploading and registering all your assets simultaneously.

 

3. Bulk Upload Assets:

• Select "Bulk Upload" to add multiple assets at once. You can upload an Excel sheet containing detailed information about your assets. The system will analyze the file and automatically incorporate the assets into your system.

 

4. Manual Upload for Hardware Assets:

• If you don't have an Excel sheet ready, click "+ Add Hardware Asset" to manually enter details for each hardware item.

 

5. Add Software Assets:

• Use the dropdown menu to select and add your software assets.

6. Repeat the Process for Other Asset Types:

• Follow the same steps to add "hardware assets" and "virtual assets," ensuring all categories of assets are updated and managed correctly.

Selecting Standards and Regulation

To incorporate specific standards and regulations into your organizational processes, follow these detailed steps:

1. Access the Organization Section:
• In your application menu, scroll to the bottom and click on "Organization."
2. Navigate to Standards and Regulations:
• Within the Organization section, select "Standards and Regulations."
3. Initiate Addition of New Standards:
• Click on "Add Standard and Regulations" to start incorporating new standards into your organization.

 

 

4. Select the First Standard:

• From the drop-down menu that appears, select "CyberSecure Canada Level 1." Add this standard to begin aligning your processes with this regulation.

5. Add the Second Standard:

• Repeat the addition process by selecting "CyberSecure Canada Level 2" from the same drop-down menu to further enhance your regulatory compliance.

 

6. Assign Owners for Each Standard:

• For each standard you add, select an owner who will be responsible for overseeing the implementation and compliance of that standard within your organization.

7. Save and Apply Settings:

• After selecting the relevant standards and assigning their owners, click on "Save" to confirm your choices and apply these settings.

 

Vendor Assessment Process

To effectively manage and assess your vendors' compliance and certifications, follow these detailed instructions within your system's "Identify" section. This process helps ensure that all vendors meet your required security and quality standards.

Accessing Vendor Assessment

1. Navigate to Vendor Assessment:
• Open the main menu and locate the "Identify" section.
• Click on "Vendor Assessment" to begin evaluating your vendors.

Adding a Vendor

2. Add a Vendor:
• In the Vendor Assessment section, click on “Add Vendor” to start the process of entering a new vendor into your system.

3. Fill in Vendor Details:

• Once you click on “Add Vendor,” a form will appear. Fill in all the necessary details about the vendor.

4. Save Vendor Information:

• After filling in the details, click on “Save” to add the vendor to your system.

Uploading Vendor Certifications

5. Upload Vendor Certifications:
• For each vendor, you will need to upload relevant certifications such as ISO, SOC2, Cybersecure Canada, etc.
• Click on “Upload File” next to the respective vendor’s name.

6. Select Certificate Type and Upload:

• In the “Tag” dropdown menu, select the type of certification you are uploading.
• Click on “Upload File” to choose the certificate file from your local system.
• After selecting the file, ensure you click on “Save” to securely store the certificate in the vendor’s profile.

Requesting Certifications from Vendors

7. Template for Requesting Certificates:
• If you do not currently have the necessary certifications from a vendor, click on “Template for Requesting Certificates.”

• This option provides you with a pre-formatted template that you can use to email vendors requesting their certifications. It also includes an attachment that should be included in the email to make your request clear and professional.

8. Send Requests and Manage Responses:
• Use the provided template to send out requests to all vendors from whom you need certifications.
• Keep track of received certifications by updating the vendor profiles with the new documents.
9. Review and Compliance Check:
• Regularly review the uploaded certifications for validity and compliance.
• Ensure all vendor information and certifications are up to date and follow up with vendors as necessary.

Adding Roles and Responsibilities

Here are the steps to add and manage cybersecurity roles within your organization using the "Governance" section:

1. Access Governance Section:
• Navigate to the “Governance” section from the main menu.
2. Open Roles and Responsibilities:
• Click on “Roles and Responsibilities” to view and manage roles specific to your organizational structure.
3. Enable Editing:
• Click on “Edit” to make changes to the roles and responsibilities page.

 

4. Add Cybersecurity Leader:

• Click on “Add Role” to create a new role.
• Specify the role as the person in charge of Cybersecurity. Input necessary details such as role name, responsibilities, and qualifications.

5. Add Cybersecurity Team Members:

• Click on “Add Cyber Security Team Member” to add individuals to the cybersecurity team.
• Fill out the required information for each team member, including name, contact details, and specific responsibilities within the team.

6. Complete the Form:

• Continue to fill out the rest of the page with relevant details for other roles or responsibilities as needed.

7. Save Changes:

• Click on the “save icon” to ensure all your new information is saved and updated in the system.

 

Managing Risk Scenarios and Developing Incident Plans

Follow these streamlined steps to manage risk scenarios and create incident plans in your system:

1. Navigate to Risk Management:
• Go to the “Identify” section.
• Click on “Risk Management” and then select “Risk Scenario”.
2. Select a Scenario:
• Choose one of the listed risk scenarios to manage.

 

3. Initiate Mitigation:

• Click on “Mitigate”
• Review the linked assets and the controls in place to assess their implementation status.
• to ensure comprehensive risk management across your organization.

 

 

 

 

4. Link to Incident Plan:

• Scroll to the bottom of the page.
• Click on the link provided (marked as “here”) to redirect to the Incident Plan page.

 

5. Create or Update Incident Plan:

• Now in the “Response and Recover” section, under “Incident Management”, navigate to “Incident Plans”.
• Now you will find an incident plan created for your organization for the risk scenario.

6. Repeat for All Scenarios:

Repeat steps 2 through 5 for each risk scenario

Managing and Exporting Risk Assessment

To effectively manage and document risk assessments within your system, follow these steps:

1. Navigate to Risk Management:
• Go to the “Identify” section of your platform.
• Click on “Risk Management” and then select “Risk Assessment”.
2. Review Risk Assessment Table:
• On the risk assessment page, locate the table that includes a list of risk IDs.
• Each risk ID is associated with Risk Scenarios that were mitigated earlier.

 

 

3. Edit Risk Details:

• Scroll to the right within the table until you find the “Pen Icon” next to each risk ID.
• Click on this icon to edit the respective risk.

 

 

4. Update Risk Information:

• In the form that appears, fill out or update the details related to the risk.
• Ensure all necessary fields are completed to accurately reflect the risk and its mitigation measures.

5. Save Changes:

• Click on “Save” after editing each risk to ensure that your updates are recorded.

 

6. Repeat for All Risk IDs:

• Continue this process for each risk ID in the table to ensure all risks are up-to-date.

7. Export Risk Assessment Report:

• Once all risk IDs have been edited and saved, click on “Export Risk Assessment”.
• This action will generate a report of the risk assessment, which can be used for auditing purposes or further review.

 

 Setting up Your Cyber Risk Management Strategy 

To effectively manage and analyze your organization's cyber risk, follow these detailed steps:

1. Access the Governance Section: Navigate to Cyber Risk Strategy.
• Scroll through the menu to locate and select the "Governance" section.
• Within the Governance options, choose "Cyber Risk Strategy."
2. Use the Cyber Risk Management Strategy Analyzer:
• Click on "Cyber Risk Management Strategy Analyzer." If financial documents have been previously uploaded, the tool will automatically assess your cyber risk tolerance, appetite, and capacity.
3. Manual Input if Necessary:
• If no financial statements are available, click "Edit" to manually input the required information.

4. Enter Data Manually or Use AI Suggestions:

• On the editing page, you have the option to manually fill out the data or utilize AI-generated suggestions by clicking on the "Yellow Stars Icon."

5. Save Your Work:

• After entering the necessary data, click the "Save Icon" next to the AI suggestions to ensure that all your modifications are preserved. This step is crucial to prevent any loss of data.

6. Return to Previous Page:

• Once all entries are complete, click on the "Back" button. This action takes you back to the previous page, allowing you to confirm that all changes have been saved correctly and that no information is missing.