Create a Corrective or Preventative Action manually or from a
Security Event, Security Incident, Audit, or Risk Assessment.
To create a Corrective or Preventative
Action:
- Select the
Create a Corrective Action or
Create a Preventative Action link from the
Actions list of an active Security Event,
Audit, or Risk Assessment form.
- Provide a description and details.
Examples include: A noncompliance was discovered while
conducting a Risk Assessment on the Sales team's laptops; and, additional
security training should be provided to the Sales team, and the noncompliance
should be removed from all laptops.
- The
Source and
Type fields automatically populate.
- Select the asset and priority.
The asset is the Configuration Item that is the focus of the
action (optional).
- Select a projected start and end date.
- Select the assigned team and owner.
The
Assigned To options are driven by the
Assigned Team selection.
- Select the business owned by team and business owner.
The
Business Owner options are driven by the
Business Owned By Team selection.
After owners have been assigned, select the
Next: Assigned link (under
Status) to move the Corrective or Preventative
Action to the Assigned phase.