Suggested Measures
Ce contenu n’est pas encore disponible dans votre langue.
The Suggested Measures library is a platform-wide catalogue of ready-made security controls and remediation actions. It’s a knowledge base your team can draw on when planning improvements — reusing proven control descriptions instead of writing each one from scratch. Measures work across frameworks and can support controls from several at once.
Browsing the library
Every suggested measure is listed with rich detail to help you choose the right one:
| Field | Description |
|---|---|
| Name | A short, descriptive title |
| Description | What the control involves |
| Category | Grouping such as Access Control, Encryption or Incident Response |
| Typical owner | The role usually responsible (CISO, IT Manager, DPO…) |
| Maturity level | How sophisticated the control is |
| Implementation cost | Estimated effort: low, medium or high |
| Complexity | Technical complexity: low, medium or high |
| Automation potential | Whether it can be automated |
| Related controls | Which framework controls it helps satisfy |
| Evidence needed | What typically proves the control is in place |
| Dependencies | Other measures that should come first |
Filter the library by category, maturity level or framework to find what fits.
Adopting a measure
Turn a suggested measure into a live remediation action in a few steps:
- Find the measure (or use Adopt from library while working on an assessment).
- Choose the target workspace.
- Set a due date.
- Assign the people responsible.
The adopted action appears immediately on the workspace’s planning board and can be linked to specific requirements.
Building the library
Authorised users can add new measures, filling in the name, description, category, typical owner, maturity, cost, complexity, the evidence that proves it, the framework controls it maps to, and any related measures. New measures are available to everyone straight away. Administrators can also bulk-import an existing control catalogue from a file — handy when getting started.
Suggested vs. adopted
The library holds templates. When you adopt one, a separate live action is created for your workspace. Updating a template doesn’t change actions already adopted, and each adopted action can be tailored — its own name, description, dates and owners — while still tracing back to where it came from.
Who can do what
| Action | Admin | Domain Manager | Analyst | Approver | Auditee | Reader |
|---|---|---|---|---|---|---|
| Browse the library | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
| Adopt into a workspace | ✓ | ✓ | ✓ | ✗ | ✗ | ✗ |
| Add a new measure | ✓ | ✗ | ✗ | ✗ | ✗ | ✗ |
| Bulk import | ✓ | ✗ | ✗ | ✗ | ✗ | ✗ |