Add and Manage Tests

Different users within the Governance Portal may perform testing. Therefore, the testing screen is divided into two sections:

1) Testing Detail Attributes- which is completed by the Test initiator and

2) Test Results - which is completed by the tester.

Users with edit permissions to the associated risk control matrix (and belonging to a role that can edit tests) can add tests to a given risk control matrix. Once the test has been added, a user can further restrict or add view and edit permissions to the test via the roles link (initial permissions are inherited from the associated risk control matrix). Users with edit permissions to the testing detail attributes can edit both sections of the test form. Users who are assigned as the tester can update the Test Results section of the form, even if they do not have edit rights to the testing detail attributes. This allows individuals to restrict access to the test planning section while allowing those in a tester role to update the results of their testing. The Test Results section is only available after the Testing Detail Attributes section has been completed and saved.

1. Access the Entity Hierarchy
   1. Select the Default GRC context from the context menu.
   2. Click the GRC Register tab.
   3. Select Entity Hierarchy from the Frameworks group.

      

2. Add Tests
   1. Right click on the RCM where you wish to add the object, click Add Object and select Test.

      OR

   2. Double-click the RCM you wish to view or right-click and select View Object. The RCM page will appear in the window on the right-hand side of the screen.
   3. Click Add in the Testing Details section to add tests through in-line editing or click Add to open the Test form in a separate window.

      Note: See In Line Editing for additional information.

      In Line View

      

      Test Form

      

   4. Enter a test name.
   5. Click Calendar to choose a period test start date and end date.

      Note: Period Tested End is a required field.

   6. Select a test type and test frequency from the drop-down list.
   7. Enter description and sample size information.
   8. Click Select User or Select User Group to enter the name of the tester. There are three options:
      • Enter text that contains the name, email address or network ID of the user you wish to select and click Execute or click Show All.

        Note: A list of users containing, (not equaling), the entered text will display in the search results.

      • Click the name of the user or click Select No User to indicate the user is not required.
   9. Click Save or Save.

      Notes: The newly added test will automatically be linked to the control from which it was added. The test can be linked to other controls contained within the process. Once submitted, the Test Results section becomes active on the Test form.

3. Update Test Results via in line editing

   Users who have been assigned as the Tester typically complete and update the Test Results section.

   1. Double-click the RCM for the entity, or right-click and select View Object.
   2. Scroll to the Testing Details section and click Edit next to the name of the test you wish to update.

      Note: Click Edit All to place all listed tests in edit mode at the same time.

   3. Select the test result summary from the drop-down list.
   4. Update any additional information through the text boxes or drop-down lists.
   5. Click Save.

      Note: Click Save All if the Edit All functionality was utilized.

4. Update Test Results via the Test Results Form
   1. Expand the Test folder in the RCM for the selected entity.
   2. Double-click the test you wish to edit, or right-click and select View Object.

      Note: You can also access the test from the RCM form.

      1. Double-click the RCM or right-click and and select View Object.
      2. Click the name of the test you wish to evaluate from the control list
   3. Click Edit in the Test Results section.

      

   4. Enter test results.
   5. Select values for Test Status and Test Result Summary from the drop-down list.
   6. Select the Completed check box when test information is finalized. The test initiator and tester section information cannot be changed once the complete box is selected.

      Note: Only the Admin can clear the Completed check box and reopen the testing information.

   7. Click Save to update the information and return to the Test Detail form.

      Note: The last modified by and date and time fields are displayed.

   8. Click the Attachments tab to upload supporting documentation or URLs for the test results.
5. Link existing Controls to Tests
   1. Right-click on the test that you wish to link from the entity hierarchy, click Link Object and select Control.

      Note: You can also link controls from the Test form.

      1. Double-click the test or right-click and select View Object. The Test form will appear in the window on the right-hand side of the screen.
      2. Click Link in the Controls section.
   2. Mark the checkboxes next to the risks or controls you wish to link from the list, depending on the object you selected.

      Note: Click Edit Search and utilize the list search functionality to modify your selection and focus your results. Utilize List Searches for more information.

   3. Click Save.
6. Add New Controls to Tests

   New controls can be added and linked to a given test.

   1. Right-click on the test that you wish to link from the entity hierarchy, click Add Object and select Control.

      Note: You can also add controls from the Test form.

      1. Double-click the test or right-click and select View Object. The Test form will appear in the window on the right-hand side of the screen.
      2. Click Add in the Testing Details section.
   2. Fill out the object form and click Save. The new object will be added to the RCM and linked to the risk from which it was added.

   Note: See Add and Manage Controls for more information on filling out the control forms.

7. Modify Test Permissions

   Users added via the Roles link can view and/or edit the test attributes section (top section) of the testing details form.

   1. Expand the Test folder in the RCM for the selected entity.
   2. Double-click the test you wish to edit, or right-click and select View Object.

      Note: You can also access the test from the RCM form.

      1. Double-click the RCM or right-click and and select View Object.
      2. Click the name of the test you wish to evaluate from the control list
   3. Click View Role Assignment.

      

   4. Select a role from the Choose Role drop-down menu.
   5. The form will either enable the assignment /un-assignment of Users or User Groups. To change the form to Users or User Groups, click on User Groups or Users respectively.
   6. To un-assign a user from a role, click UnAssign next to the user's name.
   7. To assign a user to a role, enter the name, e-mail and network ID or perform a search or click Show All to show all available users.
   8. Click Assign next to the user/user group name to be assigned.

   Note: See Administer the Governance Portal for information regarding roles and permissions.