The Compliance module is a set of questions that helps your company fulfill the ISO27001 and SOC2 standards.
It is an important and often essential step for your legal team to assess the risks and approve the SaaS tools that you want to start using.
Take the questionnaire as you add a new application
When you request a new application, at the bottom of the form, you will find at most 3 selected questions from the questionnaire in the Compliance requirements section:
If you check Yes, you’ll be prompted to complete the whole Compliance questionnaire after submitting the application form. You can either do the review instantly or receive a reminder per email on a specific day:
Don't have all the info just yet? Don't worry!
It is not mandatory for you to complete the form as you request the new application. As the App Owner, you can go back to the form and add more details, even while the request is still pending for approval or is declined.
Take the questionnaire in the Compliance tab
Admins, Team managers, Compliance and Finance users can answer questions at any time within the Compliance tab of an application.
The tab leads to an Overview tab followed by the questionnaire divided into sections:
-
Overview
Shows you all questionnaire sections and their statuses:
- Pending: The section has not been filled in at all.
- In Progress: Some responses have been saved, but the section is not ready for review yet.
- Completed: The section has been completed and submitted. Each section can only be submitted when all mandatory questions are answered. After you submit the questionnaire, you can still go back and make changes.
- Business case
- Details of the product/service
- Risk assessment
- Contract review
-
Exit plan
A conditional section that will only appear if you answer Yes to the question "Based on the risk assessment, above, is the product/service critical or important for your company?" in the Risk assessment.
Some sections might be hidden if there are no applicable questions for you to fill in.
Supported file formats
Uploaded documents support the following formats:
- jpeg (image)
- png (image)
- bmp (image)
- pdf (application)
Updated questionnaires
If the questionnaire has gone through any changes since you last edited or submitted the form, a Form update notification will appear where you can select the version you would like to work on:
- Select Previous version to continue working on the previously displayed and answered questions
- Select New updated version to show new questions. Previously saved answers will be displayed if the questions were not removed.
The filled in questionnaire, along with all the files uploaded, can be exported in the Overview tab via the button. You have the option to download:
- a PDF without attachments
- a ZIP with a PDF file and attachments