HomeGuidesAPI ReferenceChangelog
Guides

Assessments

Suggest Edits

RegScale Manual Assessments Guide

Overview

This guide provides a complete, step-by-step walkthrough for performing Manual Assessments in RegScale. It follows the structure and tone of the public RegScale ReadMe documentation while expanding the content to include the full SOP provided. It explains what assessments are, why they matter, and how to perform one inside a Security Plan.

What Are Assessments?

Assessments in RegScale allow organizations to evaluate their controls for effectiveness, alignment to policy, and compliance readiness. They support continuous monitoring by enabling periodic, repeatable review cycles that result in findings, issues, and corrective action plans.

Why Are Assessments Important?

Assessments create audit-ready documentation, ensure continuous compliance, and allow organizations to detect gaps early. They provide structure for testing, reviewing evidence, documenting results, and generating corrective actions.

How to Perform a Manual Assessment in RegScale

1. Navigate to the Security Plan

  1. In the top navigation bar, select Modules.
  2. Choose Security Plans.
  3. Locate and open the applicable Security Plan from the list.

2. Access the Assessment Tools

  1. Inside the Security Plan, look at the right side of the screen under Scorecard.
  2. Select Assess Controls.
  3. At the top of the screen, select Manual Audits.

3. Create a Manual Assessment

  1. Click Create New to begin the assessment creation wizard.
  2. Complete the following steps:
    • Title: Enter a meaningful name.
    • Lead Assessor: Assign the responsible person.
    • Instructions: Optional details for reviewers.
    • Schedule: Define start and finish dates.
    • Controls in Scope: Select the controls being evaluated.
    • Process Info: Optional methodology or notes.
  3. Click Finish to create the assessment.

4. Open the Assessment and Review Progress

  1. Return to Assess Controls.
  2. Under Continuous Monitoring Assessments, click the assessment you created.
  3. On the right side, under Data Entry, choose Progress Report.
  4. Scroll to the bottom to view the Controls in Scope list.

5. Launch a Lightning Assessment

  1. In Controls in Scope, locate the control you want to evaluate.
  2. Open the three-dot Actions menu.
  3. Select Lightning Assessment.

6. Perform the Lightning Assessment

  1. Select the Assessment Result: Pass, Partial Pass, Fail, or Not Applicable.
  2. Document Observations about what was tested and what was found.
  3. Add notes in Evidence describing or referencing the evidence used.
  4. In Gaps and Differences, describe any issues or deficiencies found.
  5. Optionally complete the Risk section:
    • Likelihood
    • Impact
  6. Enable Auto-generate an Issue if you want RegScale to create a reportable item.
  7. Click Save and Next to continue or complete the review.

7. Configure a Recurring Assessment

  1. From within the assessment or from the Assessments module, open the Utilities menu.
  2. Select Recurrence Wizard.
  3. Configure the following:
    • First Instance Planned Start and Finish
    • Repeat Until date
    • Assignment (individual or group)
    • Frequency: Daily, Weekly, Bi-weekly, Monthly, Quarterly, Bi-annually, or Annually
  4. Click Next, then Confirm and Create Assessments.
  5. RegScale will generate future assessment instances automatically.

Updated about 11 hours ago