HomeGuidesAPI ReferenceChangelog
Log In
Guides

Setup Summary

Quick Summaries of the RegScale Setup Options for Implementation

Suggest Edits

General

Purpose: General information and settings for the platform. License information can additionally be found here including:

  • Instance ID
  • Domain
  • License Type
  • Number of Licensed Users
  • Log Retention
  • License Expiration

Implementation:

Customize the platform for all users by setting the following fields:

  • Title: The name of the environment.
  • Login Banner: The ability to set a banner that pops up when user's login.
  • Classification Level: The ability to set a system classification level, this will be reflected in a banner at the top of the application.
  • Banner Color: Customize the colors of banners within the application.
  • Footer Style: Preference for the application page footer, the large include links to useful RegScale references.
  • Currency: The ability to set a standard monetary symbol across the platform.
  • Company/Organization Logo: Ability to replace the standard RegScale logo in the top right of the page with a custom logo.

Cause Codes

Purpose: The cause code feature enables the user to create codes that map to causes created in the causal analysis from within the causal analysis module. Once created, codes can then be attached to the causes created in causal analysis form.

Implementation:

  • Create New Cause Code:
    • Select the +Create New option within the cause code manager.
    • Enter a designated name, value, and parent cause code (if applicable).
    • Click save to finalize the cause code.
  • Link Cause Code to Causal Analysis:
    • Within the causal analysis module, open a previously created causal analysis form.
    • Under the data entry dropdown menu, select the cause codes option.
    • Select a cause type when prompted from the dropdown menu.
    • Once a cause type is selected, a prompt will appear to select the relevant cause code that was previously created.
    • Once the relevant cause code is selected, select save to finalize the attachment of the cause code to the causal analysis entry.

Classification

Purpose: The classification feature allows you to set data classification tags and apply them to records in RegScale. There are many reasons to use our classification feature which include:

  • Establish the categories of information within your company to establish the basis for an information protection program.
  • Marking of records to establish their data classification.

Implementation:

  • Build out the Classification Labels (Setting)
    • To add a new classification label, click the "Create New" button.
    • To edit an existing classification label, click the "Edit" button on the left side of the table.
    • Complete the form entering a classification label, describe the confidentiality, integrity, and availability of the classification type, and provide a description of this classification type.
    • Click Save and continue the process until all labels are completed.
  • Apply the Classification System to a Record
    • Navigate to any record's data entry form in RegScale.
    • Click the "Classification" button in the subsystem dropdown.
    • Click the checkbox for each classification label that applies to the system. Be sure to save any changes.
  • Apply the Classification System to a System Categorization
    • Navigate to any Security Plan or Component's data entry form in RegScale.
    • Select "Categorization" from the Data Entry dropdown menu.
    • Click the checkbox for each classification label that applies to the system. Be sure to save any changes.

Custom Fields

Purpose: Generate custom fields to extend the base schema of RegScale. This feature allows our customers to create custom forms within the RegScale platform using a variety of different input types. Custom fields added will appear in the record under the Data Entry dropdown menu and the Custom Fields option.

Implementation

  • Create New Custom Fields
    • Select the module that you wish to add a custom field.
    • Click the "Add New" button.
    • Provide a name/label for the custom field.
    • Select the type of custom field (see later section for options).
    • Indicate whether the field is required to save a record.
    • Click the "Save" button to create the field.
    • Repeat these steps until you have all the custom fields desired for this form.
  • Managing Custom Fields
    • Select the module on the Custom Fields Manager to view the custom fields. There are several options for managing the custom fields:
      • Edit - select the module to view the list of custom fields. The bottom of the table will show the total number of custom fields created.
      • Required - click the "Required" column to toggle on/off whether the custom field is required.
      • Enabled - click the "Enabled" button to toggle on/off whether the custom field is enabled for the module. If it is not enabled, it will not show up for any new records. However, records with the disabled field will persist to ensure no data is lost.

Custom Field Types

RegScale supports multiple types of custom fields to include:

  • Text - collects data as a text string.
  • Numeric - collects number data (will not allow text entry or non-numeric).
  • Date - collects date data.
  • Dropdown - allows the customer to specify multiple values that can be selected from a pull down.

Custom System Labels

Purpose: Custom System Labels provides the capability for organizations to add fields to modules to extend the data schema. This allows our clients to tailor the RegScale Module configuration to existing organization processes and data structure.

Implementation:

  • Select the Module to edit
    • Edit the Module Data
      • Navigate to the Module Data section to edit:
        • Display Label: The singular name that is displayed in the application to users.
        • Pluralized Display: The plural name that is displayed in the application to users.
      • Enter the new singular and plural Module names in the corresponding fields.
      • Click Save by in the bottom-left corner of the section.
    • Edit the Form Field Data tab.
      • There are 6 columns in this section.
        • Field Name: The name defined by RegScale and how the module is referenced via API.
        • Display Label: The name that is displayed in the application to users.
        • Form Tab: The tab that the field is displayed.
        • Data Type: Type of data that the field collects.
        • Required: Indicates if the field is required.
        • Visible: Indicates if the field is visible to the user.
      • Type a Name in the Display Label field or check/uncheck the visible box.
      • Click Save by in the bottom-left corner of the section.
    • Edit the Form Tab Data tab.
      • There are 3 columns in this section.
        • Tab Name: The name defined by RegScale.
        • Display Label: The name that is displayed in the application to users.
        • Visible: Indicates if the field is visible to the user.
      • Type a Name in the Display Label field or check/uncheck the visible box.
      • Click Save in the bottom-left corner of the section.
    • Edit Customization Space tab.
      • Select a form tab to edit where the field displays.
      • Type a Name in the Title field.
      • Toggle the required check box to make the field required.
      • Click Save in the bottom-left corner of the section.

Email

Purpose: Turn on email capabilities within the platform and customize the template to standardize emails sent from the platform.

Implementation:

  • Toggle the check box to enable email functionality.
  • Utilize the text field to add an email template. There is the requirement of the {{body}} tag to maintain the messaging. Images can be pasted directly into the text box.

Facilities

Purpose: The Facilities function, otherwise known as the Facility Manager, allows administrators to add facilities relevant to the utilized modules. Facilities set in settings will be available to add to module records by selecting the Basic Info option under the Data Entry dropdown menu.

Implementation:

  • Select Create New.
  • Add a facility name, location details, and other non-required information fields information not denoted by an asterisk.
  • Select Save.
  • To add a facility saved to module records, select the Basic Info option under the Data Entry dropdown menu to add a Facility.

File System Configuration

Purpose: Manage file upload functionality for the platform.

Implementation:

  • Manage the limit to files that can be uploaded at a single point in time, the default is 100.
  • Manage the file types that are permitted to be uploaded into the platform. To add more file types, utilize a comma to delineate between the types.

Functional Roles

Purpose: The functional role manager interface enables users to add roles via the naming function. This functionality can be used while setting up workflows within the system for notification and approval activities.

Implementation:

  • Select Create New.
  • Add a Functional Role Name.
  • Select Save.
  • Assign user(s) by selecting View on the newly created role.
  • Under the Assign Users to the Role section, select a user from the dropdown list and select Add+.

Identity & Access Management (IAM)

Purpose: The IAM function enables administrator users to configure and control access permissions for platform users.

Implementation: Administrators may configure the following parameters for their users:

  • AD/LDAP: Configure directory integration for your RegScale tenant:
    • Select the Manage option to enable a popup prompt requesting the selection for either enable AD/LDAP or Enable AD/LDAP Auto Sync.
    • For further instructions on configuring the AD/LDAP option refer to the following guidance provided by RegScale.
  • Users: Add, activate, and de-activate RegScale users
    • Select the Manage option to preview the current user list of users.
    • In order to add a user, select the +Add function.
    • Enter the user details (username, first, last, phone, address) as applicable).
      • NOTE: Select the Email Notifications for New Record Assignments option to ensure user receives prompt to login to the RegScale platform.
    • Select an appropriate role for the user within the manage roles section.
    • Select an appropriate group for the user within the manage group section.
  • Groups: Create groups and assign users within RegScale
    • Reference this RegScale resource for an overview of managing groups.
  • Roles: Configure security roles for data access in RegScale
    • Reference this RegScale resource for an overview of managing roles.
  • User list table:
    • Utilize the user list table at bottom of the screen to view and edit user details, roles, groups, or security settings that have been previously created. Additionally, accounts can be locked or disabled.
    • Select the pen icon under the actions column for the applicable username to view user details. Once adjustments have been made, select the save icon to finalize adjustments made to the user profile.
    • The user list table will now represent the most up to date users and applied roles and settings.

Logs

Purpose: The Logs, or Error Logs function allows administrators to view error counts by month. The administrator can toggle between the bar graph or table style to graphically represent the error counts and summarized details. Selecting View will provide additional granular details on each error.

Metadata

Purpose: Customize the values of dropdown fields found within modules of the platform.

Implementation:

  • Select a module from the dropdown menu to filter the list in the table.
  • Select a field from the dropdown menu to filter the list in the table.
  • The resulting list is the values available for the field selected.
  • Utilize the edit button to customize the values.
  • Utilize the deactivate button to remove values.

Modules and Features

Purpose: Customize which modules are visible within the platform and which functionality features are available for your users.

Implementation:

  • Enable selections for modules and features that should be visible to all users by selecting the checkbox.
  • Disable selections for modules and features that should not be accessible to users by deselecting the checkbox.
  • Select Save.

Risk Configuration

Purpose: This function enables users to configure customized risk models that are tailored to company standards, requirements and individually defined risks. Models must be published for Risk module functionality.

Implementation:

  • Publish default models
    • Select Edit next to one of the default models.
    • Scroll to the bottom of the page and select Publish Configuration.
  • Create a new model & publish
    • Select the +Create New.
    • Give the Model a Title and a Model Type.
    • Select Save.
    • Select the size of the matrix to create for the Model.
    • Edit the Risk Categorization Options to customize the Title and Score of a value.
    • Set Color Range values based on scores.
    • Manage a custom list of Business Impact Areas to be assessed for the model.
    • Select Publish Configuration.

Security Policies

Purpose: The Security Policies, or Security Policy Configuration enables administrators to set security policies for your RegScale tenant.

Implementation: Administrators have the ability to adjust the following settings:

  • Multi-Factor Authentication (MFA) for all local user accounts
  • MFA prefix
  • Minimum password length
  • Password rotation frequency
  • Inactive account de-activation (In Days)
  • Session Timeout (In Minutes)
  • Browser Inactivity Timeout (In minutes)
  • Maximum password retry
  • Lockout duration

Tag Manager

Purpose: File records within the platform can have tags added to them for organization. RegScale default settings comes with a list of FedRamp related Tags to assist in OSCAL document exporting.

Implementation:

  • Create a new tag
    • Select Create New+.
    • Give the new tag a Title and a Type.
    • Select Save.
  • Edit an existing tag
    • Select view next to a value to edit a tag.

Service Accounts

Purpose: This setting enables the administrator to create Personal Access Tokens (PATs) that can be used to support service accounts. Service accounts are used to provide programmatic access to Application Programming Interfaces (APIs) to support automation use cases.

Implementation: By clicking the Create New option on the top right the function will allow administrators to create Personal Access Tokens (PATs) that can be used to support service accounts. Service accounts are used to provide programmatic access to Application Programming Interfaces (APIs) to support automation use cases. Each PAT has Administrator privileges, a specific duration, and justification/purpose for its use. All previously created PATs are shown in the table under the main service account page.

Theming

Purpose: The theming setting enables users to set a color theme for the platform’s user interface.

Implementation: Under color theme, chose between a predefined chromatic, classic, or customized option with adjustable color settings for the interface general color palate, performance status colors, and issue (POA&M) status colors. Select Save to finalize color selections.

Utilization

Purpose: The utilization feature enables the administrator to view user login activity and historical events by user(s).

Implementation: Users can review and export user historical events by performing the following steps:

  • Select the appropriate user under the Access Logs box.
  • Select the appropriate month and year to view both a bar graph of the employee(s) user logins by month and historical events by month.
  • Select the Last 24 Hours Only option to view user access logs in the last 24 hours.
  • Select Download to download an .xlsx formatted Utilizations Metrics workbook by employee(s).

Updated 6 days ago