ISMS mApp Solution Items

The Items table provides a list of items included when applying the mApp Solution and the typical merge action.

These are the items included in this mApp Solution:

Item Category


Typical Merge Action

Business Objects

Config - Supporting Service, Event Operation, EventOpsSecurityLinksCI, Exemption term, Facilities Building, ISMS Audit, ISMS Authority Document, ISMS Business Impact Classes, ISMS Category, ISMS Citation, ISMS Compliance, ISMS Control, ISMS Control Group, ISMS Control Source, ISMS Data Classes, ISMS Data Classification, ISMS Data Classification Questions, ISMS Exemption, ISMS Groups, ISMS Operating Unit, ISMS Participant, ISMS Pending or Withdraw Cause, ISMS Policy, ISMS Priority Matrix, ISMS RACI Definition, ISMS Risk Assessment, ISMS Risk Assessment Type, ISMS Risk Mitigation, ISMS Risk Mitigation Questions, ISMS Risk Response, ISMS Roles, ISMS Root Cause Codes, ISMS Root Cause Deficiency Category, ISMS Root Cause Factors, ISMS Root Cause Types, ISMS Security Cause Code, ISMS Security Incident, ISMS Source, ISMS Specification Lookup, ISMS Status, ISMS Status List, ISMS Status Phases, ISMS Support Service Format, ISMS Threat Analysis, ISMS Threat Analysis Classes, ISMS Threat Analysis Questions, ISMS Threat Analysis Type, ISMS Threat Likelihood Classes, ISMS Type, ISMSAuditLinksControl, ISMSAuditLinkstoCI, ISMSAuthortyDocument_to_CommonControl, ISMSCitationlinkstoControl, ISMSComplianceLinksCI, ISMSComplianceLinksControl, ISMSRiskAssessmentLinksAgreements, ISMSRiskAssessmentLinksCI, ISMSRiskAssessmentLinksService, ISMSRiskAssessmentLinksSupplier, ISMSRiskAssessmentsLinksBuilding, ISMSRiskAssessmentsLinksSite, ISMSRiskEventLinksCI, Journal - Security Event, Network Event, Network Event Source, Network Event Status, Network Event Type, Recovery Objective, Security Event Status, Security Event Type, Security Runbook, SecurityEventLinksISMSAssessmentCI, SecurityEventLinksISMSRiskAssessmentSS, SecurityIncidentLinksISMSRiskAssessment, SecurityIncidentLinksISMSRiskAssessmentSS, Site, State/Province/Territory, Supervisory Authority

Agreement, Change Request, Configuration Item, Customer Journal, Supplier, Task Don't Change
Change Request, Incident, Service Merge
Secret Question Overwrite
Stored Values CI Rec Link, CI Risk Assessment, ISMS Authority Document Current, ISMS Compliance RecID, Linked False, Linked True, Network Event Ops ID, Security Operations Tab Links, Selected Compliance Policy, SS Risk Assessment, Temp Affected User, Temp Control, Temp Grant Access Import
Teams Security, Security Incident Import
Themes ISMS Dashboard, ISMS Theme Import
Widgets Active Assessments, Active Authority Document Count, Active Events by Risk, Active Events by SS, Active Events by Support Service, Active Evnets by CI, Active Security Incident List, Active Security Incidents, All Active Security Incidents, Audits By Status, Audits Starting in the Next Week, Authority Document Citations, Authority Document Filter, Corrective Actions by Source, ISC Sans, ISMS Main Filer, missing justification deatils, My Pending Approvals - Number, My Security Events, My Security Incidents, Open Corrective Actions, Open Network Events, Open Network Events - Total, Open Preventative Actions, Overdue Audit, Policies missing relationships, Policy by Stage, Preventative Actions by Source, Risk Assessment by Stage, Risk Assessment Mitigation Score, Security Events by Priority, Security Events Owned by Me, Security Incident by Level, Security Twitter, Todays Security Events, US-Cert Import
Discussions, Knowledge Article Search, Knowledge Articles with Like Counts, Known Errors, My Active Discussions Count, My Devices Count, My Open Incidents, My Open Incidents and Requests, My Open Incidents Count, My Open Requests, My Open Requests Count, My Recently Closed Incidents and Requests, Problems with a Work Around, Problems with no Work Around, Subscribed, Top Issues Count Overwrite
One-Step™ Actions Add Activity, Add Affected User, Add Role, Add SOP to Current Control, Add Staff Responsibility, Add Supervisory Authority, Add user, Advance Page Forward, Advance Status, Advance Status, Approval Accepted, Approval Denied, Approve, Assign Asset Custodian Team, Assign Asset Owner, Assign Lead Auditor Team, Assign Location, Assign Owner, Assign Owner Team, Assign Risk Owner, Assign Risk Owner Team, Assign Source, Assign to, Assign to a Team, Assign to an Owner, Assign to Any Asset Custodian, Assign to Any Auditor, Assign to ANY Business Owner, Assign to ANY Individual, Assign to ANY Individual for Owner, Assign to ANY Individual for Sponsor, Assign to ANY Owner, Assign to ANY Reviewer, Assign to Any Risk Owner, Assign to Business Owner, Assign to BusinessTeam, Assign to Individual, Assign to Individual for Sponsor, Assign to Lead Auditor, Assign to Owner, Assign to Policy Author, Assign to Reviewer, Assign to Team, Assign to Team and Owner, Assign to Team for Owner, Assign to Team for Sponsor, Assign Type, Attach SOP, Begin Assessment, Calculate Abbr, Calculate Risk, Check for Related Policy, Check Values, Close Security Event, Complete Specification Definition, Compliance Records Open, Copy of Complete Specification Definition, Copy of Iterate Questions Backward, Copy of Iterate Questions Forward, Copy Policy Control Group Relationship to Join, Create a Boundary Definition, Create a Control, Create a Control Audit, Create a Corrective Action, Create a new Audit, Create a Preventative Action, Create a Preventative Record, Create a Related Record, Create a Risk Assessment, Create a Root Cause, Create a Security Event from an RSS Feed, Create All Controls, Create Audit, Create Change, Create Change Request, Create Compliance, Create Compliance Action, Create Compliance Policy, Create Compliance Record, Create Corrective Action, Create Event from Twitter, Create Gap Supporting Records, Create Incident, Create IT Incident, Create Preventative Action, Create Related Compliance Records, Create Related Compliance Records (Backup), Create Related Records, Create Revise Policy, Create Security Event, Create Security Event from Portal, Create Security Incident, Create Supporting Records-old, Create Task, Create Task for supervisory authority., Create Threat Supporting Questions, Customer Follow-up E-mail, Delete Denied Approval Rec ID, Denied, Denied Review, Email Asset Owner, Email Owned by - Network Event, Email Owner, Email Reported by - Network Event, Email Reported by - Security Event, Email Security Incident, Email Security Incident Team, Follow-up Email to Asset Custodian, Follow-up Email to Owner, Follow-up Email to Risk Owner, Goto Service, Grant Access to User, Iterate Questions Backward, Iterate Questions Forward, Link Citation to Control, Link Controls, Link Primary CI Item, Link to an Audit, Memo Style - Security Incident with Events, Move Back Control Pages, New Security Event, Next Stage In Incident, Next Status, Notify Granted Access Users, Notify Owner, Notify Owner of Approval, Notify Owner of Assignment, Notify Owner of Denial, Notify Owner of Risk Assessment, Notify Owner of Security Event, Notify Participant of Audit, Notify Risk Owner, Notify Team of Security Event, Owner Follow-up E-mail, Populate Control Questions, Previous Stage In Incident, Print Boundary Def, Recalculate, Recalculate All Scores, Recalculate Percent Complete, Recurring Audit, Re-Enable Editing, Remove from Pending, Remove Record Lock - Approved, Report Anonymously, Reset All, Retire Risk Assessment, Review and Create Journal, Reviewer Follow-up E-mail, Risk Analysis Completion, Risk Analysis Completion (Data Classification), Risk Analysis Completion (Mitigated Risk Score), Risk Analysis Completion (Risk Mitigation), Risk Analysis Completion (Threat Analysis), Risk Analysis Completion Next Steps, Risk Review Denied, Save n Back to Home, Save Selected Controls 01-23, Save Selected Controls 24-45, Save Selected Controls_SAVE, Security Operations - Infosec-Tab, Security Operations - Twitter Tab, Select and Link Policy or Unlink Policy, Select CI, Select Owner, Select Requestor, Select Supporting Service, Set Alt Status, Set Next Question Number for Risk Midigation, Set Next Question Number for Security Class, Set Next Question Number for Threat Analysis, Set Next Status, Set Pending, Set Record Type, Set Risk Assessment to Withdrawn, Set Risk to Active, Set Status, Set Status to Active, Set Status to Closed, Set Status to Definition, Set Status to Post Assessment, Set Status to Resolved, Set Status to Retired, Set the Next Status, Set to Active, Set to In Progress, Set to Pending, Setup Specification Definition, Setup Specification Definition for All, Show Dates, Show Timeline, Show Timeline, Submit and Return Home, Take Ownership, Unlink Primary CI Item, update, Update Business Object, Update Citation Links, Update Citations, Update Controls, Update Links, Update Related Controls to set Related Policy Exists Flag, Update Security Classification, Update Status, Update Status Order, User access list, Validate CONTROL Status, View Deails, View Timeline Import
Expressions Asset owner, Asset owner ID, Business Impact Answer Percentage, Business Owner, Business Owner Team, Calc End Dates, Calc Start Dates, Calculate Answer Value, Calculate Answer Value, Calculate Answer Value, Calculated Risk Midigation Score, Calculated Total Business Impact Question Value, Calculated Total Risk Midigation Answer Value, Calculated Total Risk Midigation Question Value, Calculated Total Security Class Question Value, Calculated Total Threat Analysis Answer Value, Calculated Total Threat Analysis Question Value, Calculated Total Threat Likelihood Question Value, Control Defined, Control Display of Completetion Button, Control ID, Controls Requiring Action is False, Count of Audit Approvers, Count of Closed Compliance Actions, Create Supporting Records Run if - Data Class, Create Supporting Records Run if - Goto Action, Create Supporting Records Run if - Risk Mitigation, Create Supporting Records Run if - Threat Analysis, Current User RecID, Data Classification Answer Percentage, Data Protection Officer, Data Protection Officer ID, Determine the Security Class, Evaluate which Assessment is Active, Existing Specifications, Finance Asset Value, Finance High, Finance Low, Finance Med, Future End Date Calculation, Future Start Date Calculation, Hyperlink to Approval, Increment Control Question, Iterate Backwards Run if - Data Class, Iterate Backwards Run if - Risk Mitigation, Iterate Backwards Run if - Threat Analysis, Legal and Regulatory Asset Value, Legal High, Legal Low, Legal Med, Lessons Leared Validation Date, Lock Active Status - CA/PA, Lock Active Status - Policy, Lock Active Status - Policy, Lock Closed Status, Lock Common Fields, Lock Field, Lock Fields, Lock Record, Market Cost Asset Value, Market Cost High, Market Cost Low, Market Cost Med, New-Control Display of Completetion Button, New-Evaluate which Assessment is Active, No Change - Set Review Date, No Change - Set Review Date, Number Of Controls, Old_Set Review Dates, Older than 30days, One Week From Today, Overall Risk Calculation, Percent Complete Data Class, Percent Complete Risk Mitigation, Percent Complete Threat Analysis, Policy Defined, Policy ID Counter, Policy Linked, Policy Publish Prev 2 Weeks, Populate Answer Value, Populate Answer Value, Populate Answer Value, Primary Control Count, Primary Control Score, Required Fields, Required for both, Required For Final Corrective, Required For Final Preventive, Return ISMS Group from Type, Secondary Control Count, Secondary Control Score, Select All Choice 01, Set Closed Date, Set Review Date, Set Review Date, Show Fields Locked, Simular Risk Assessments, Status Read Only, Status Read-Only, Threat Analysis Answer Percentage, Threat Likelihood Answer Percentage, Total Data Classification Questions, Total Risk Mitigation Questions, Total Threat Questions, Two weeks out, Unlock Record, Unmitigated Risk Percentage, Validate if Run - Data Classification, Validate if Run - Risk Mitigation, Validate if Run - Threat Analysis, Validate Policy Fields before Active, Validate Status Phases Import
Automation Processes Create Link to Controls Upon Citation Imports, mApp Factory - Copy Group Control Relationship to Join, mApp Factory - Notification of Assignment, mApp Factory - Notify Asset Owner on Risk Assessment, mApp Factory - Notify Audit Participant, mApp Factory - Notify Granted Access Users, mApp Factory - Notify Owned By on Assignment, mApp Factory - Notify Owned By on Risk, mApp Factory - Notify Owned By on Security Incident, mApp Factory - Notify Owner on Assignment, mApp Factory - Notify Risk Owner on Risk Assessment, mApp Factory - Notify Security Incident Team, mApp Factory - Notify Team on Assignment or High Priority Import
Dashboards Compliance, ISMS Portal Home, ISMS Portal Knowledge, ISMS Portal My Items, Operations, Posture, Statement-of-Applicability Import
Searches Acrive Authority Document, Active Audits, Active Audits Starting in the Next Week, Active Audits with Major NonCompliances, Active Authority Documents propt, Active Boundary Definitions, Active Events by CI Risks, Active Risk Assessments, Active Security Incidents 2, Active Security Incidents by Type, Active Specification Controls, Active Support Service Risk, All Audits, All Audits - No None Preventative Actions, All Audits with Major NonCompliances, All Authority Documents, All Citations, All Compliance Records, All Corrective Actions, All Events, All Exclusion Controls, All Inclusion Controls, All Open Compliance Records, All Participants, All Policies, All Preventative Actions, All Risk Assessments, All Security Incidents, Audit Corrective Actions, Audit Preventative Actions, Audits, Audits Awaiting Approval, Audits Completed, Audits Ending in the Next Week, Audits with Open Resolution Actions, Confidential, Critical Mitigation Risk, Current Authority Document, High Mitigated Risk Assessments, High Mitigation, In Progress Risk Assessments, Internal Use, Low Risk Mitigation, Medium Mitigation Risk, Missing Justification Details, Missing Policy Relationship, My Active Audits, My Security Incidents, Open Corrective Actions, Open Events for Today, Open Network Events, Open Network Events, Open Preventative Actions, Open Security Events, Open Security Events by CI Risk, Open Security Events by priority, Overdue Audits, Policies missing relationships, Print Boundary Def, Public Data, Report Active Specification Controls, Restricted Data, Risk Assessments Owned by Me, Security Events Owned by Me, Security Incident by Priority, Security Incident Corrective Actions, Security Incidents Older than 30days, Two weeks out, Very Low Risk Mitigation Import
Counters Event-Ops Network Event ID, Event-Ops Security Event ID, ISMS Audit ID, ISMS Boundary ID, ISMS CAPA ID, ISMS Citation ID, ISMS Compliance ID, ISMS Exemption, ISMS Policy ID, ISMS Risk Assessment, ISMS Security Incident ID Import
Supplier ID Overwrite
  • Import: Add new item.
  • Overwrite: Replace target item.
  • Merge: Merge differences.
  • Don't Change: Referenced by the mApp Solution, but not altered in any way. The mApp Solution includes the definition for informational purposes only (the definition is not imported into the target system).