effective roadmaps knowing the rules assurance

Our Products:





Don't see your question here? We'll be happy to answer via our convenient Contact Us tab.

Q: How quickly can the content be loaded into Compliance Mapper?
A: An average framework (example PCI) can be loaded and ready for use in approximately 4 hours

Q: How easy is it to map an internal policy to a control framework like ISOIEC 27001?
A: Input of the Policy would take approximately 1-2 hours - Once inside the CM the mapping would take approximately 30 minutes

Q: Is it possible to compare old and new policies and identify the changes?
A: Once loaded inside Compliance Mapper, policy to policy mapping takes approximately 30 minutes and reporting to show changes via the links mapping report takes approximately 2 minutes – output of the reporting can be to HTML, Mind Map or PDF.

Q: When regulations change or when new regulations are issued or released, how often do you update the software?
A: As a retained service to our customers, we update our offerings as needed and usually within ten days of newly released changes to existing regulations.

Q: How many frameworks can be mapped?
A: As many as needed – Compliance Mapper offers an intuitive mapping capability across multiple frameworks

Q: Is mapping and creating crosswalks the same thing?
A: Yes

Q: How do you prove that the framework is correct?
A: The authoritative document related to the framework is attached as evidence. Frameworks are in tree format and easily readable.

Q: Are there varying access options?
A: Yes there are varying access rights that can be assigned to individuals using Compliance Mapper – from full access admin to read only access. A new function just announced allows the framework to be protected against change by unauthorized individuals. This ensures the integrity of mappings and attachments.

Q: How can we determine the number of licenses needed for our organization?
A: Licenses are based on the number of copies of the software needed – if there are 2 copies then 2 licenses are required.

Q: How long does it take to get Mapper up and running in an organization?
A: Once installed which takes approximately 1 hour, all functionality is available

Q: What is the implementation time and how many of our resources will take part during this phase?
A: 1 Hour – 1 resource

Q: What type of training do you provide?
A: As part of the implementation process we recommend and offer training to assist with the implementation and operation of the product.

Q: How long does initial training take?
A: Around 2 hours. We also offer customized advisory resources for a much smoother transition. At your request, C2C will provide expert onsite support to help you plan and structure a solid compliance and risk management program and create seamless, enterprise-wide governance.

Q: Can the frameworks be copied across workspaces?
A: Yes – all frameworks can be copies – with the existing mappings (if required) and the attachments (if required)

Q: If the framework is copied with existing mappings and content – do the mappings automatically connect to any framework that is in the target workspace?
A: Yes - the integrity of the mapping stays and automatically connects if a framework is in existence that was in the copied from workspace. The option exists not to copy the mappings if not needed.

Q: I have a compliance check list that I have been using to manually assess our compliance posture. Is there a way that I can import that information into this tool?
A: Yes – if your checklist is in excel – then we can advise you how to import it into Compliance Mapper

Q: Can you identify the frameworks if more than one copy exists?
A: Yes – we have a unique identity system that allows frameworks to be identified. We know exactly when they were created and by whom.

Q: Do you track activity related to the audit work being done?
A: Yes – we write an audit record for every activity and store the information for review when needed. This is customizable for the client.

Q: Can I archive referenced and attached documents?
A: Yes – the Compliance Mapper is also a document repository for any type of document(s) or diagram(s) needed.

Q: Is your tool a repository as well?
A: Yes Compliance Mapper collects all types of artifacts.

Q: How do I conduct an assessment?
A: Compliance Mapper has a powerful assessment module available to assist clients achieve their assessment needs. The assessment module is very flexible allowing question to be turned off, answers to be weighted, and differing answers to be used during an assessment. All assessment are housed in tree format and activated from the menu of from the tree itself.

Q: Can you find information easily across the frameworks?
A: Yes – we have a powerful search engine built in the product that interrogates one framework or multiple frameworks using keywords or phrases.

Q: Can I do a keyword search and advanced search for all approved policies?<br /> A: There are a number of ways to achieve this – C2C developed a status option that allows you to assign approvals as needed – this is flexible in its approach and can be tailored to meet specific needs. In addition there is an extremely robust search capability for keyword and phases.

Q: Do you offer archiving of all versions of the policies for historical reference?
A: Currently Compliance Mapper is not a document management system – we are in the process of developing a publishing capability that will incorporate versioning.

Q: Is Mapper “configurable”? Describe the platform<br /> A: Compliance Mapper can run on Windows or Linux platforms

Q: Can I import existing data into Compliance Mapper – what’s involved?
A: You can import any information into Compliance Mapper very easily – C2C has developed a simple format using CSV file structures.

Q: Can I access Mapper’s standards and regs for use in my external systems?
A: APIs are available to allow this.

Q: How secure is the data?
Compliance Mapper is a secure web application with access control and administration rights at varying levels. All data is stored in a MySQL database.

Q: What is a Tree?
A: A tree is data or a document structure embedded in the Compliance Mapper product – same as a windows tree

Q: What is a Node?
A: A node is a child of a tree

Q: Is customer support 24/7?
A: Customer Service is available from 8 a.m. to 6 p.m. EST – if there is a need for more, telephone support is always available.

 

Alkamind Consulting: "The thing I like the most about Compliance Mapper is that it can be used as a Neural Network for a wide variety of people from different disciplines. Compliance Mapper is able to... read more