Administrator
Manage Organizations, Templates, and Configurations
The Administrator Panel is only accessed by Rivial Admin Employees. This allows the Rivial Team to manage multiple Organizations, set up Platform-Level Templates, and Software Configurations.
Operation Teams — Allows teams of users, or Operation Teams, to oversee groups of Organizations as auditors, administrators, etc.
- How To Create An Operation Team — Create an Operations Team to manage multiple organizations on the Rivial platform.
- Configuring Organization Access For An Operation Team — Select and assign roles to organizations that will be managed by an Operation Team.
- Creating An Operation Team User — Create Operation Team users accounts to give any desired users access to the Operations Panel.
CISSP Reviews — CISSP Review - A special form of Vendor Review that is done by security personnel that have a valid CISSP certification.
- Perform a CISSP Review — A Rivial Administrator can perform a CISSP Review on a Vendor using provided documents and certifications.
- Create a CISSP Review Vendor — A Rivial Administrator can create a new Vendor in the Platform for CISSP Reviews. A Vendor has multiple Vendor Solutions which in turn can have Vendor Reviews
- Create a CISSP Review Vendor Solution — A Rivial Administrator can create a Vendor Solution, which in turn can have CISSP Reviews.
- Create a CISSP Review Vendor Control Category Template — A Rivial Administrator can create a Vendor Control Category Template for CISSP Reviews.
- Create a CISSP Review Vendor Sub-Control — A Rivial Administrator can create a Sub-Control under a Control Category for CISSP Reviews.
- Sharing a CISSP Review with an Organization — An Administrator can share a completed CISSP Review with another Organization. That Organization would receive an exact copy of the review, including the rating, evaluated controls, and summary.
- Push a CISSP Review to Quantivate — An Administrator can upload a completed CISSP Review to Quantivate.
- Evaluate Controls for a CISSP Vendor Review — A CISSP Review primarily consists of Control Categories with Sub-Controls that can be marked as ‘Not in Place / In Place’ and ‘Not Audited / Audited’. Not In Place / In Place - A Control Category or Sub-Control may be marked as ‘In Place’ if there is some evidence that the controls are being implemented Not Audited / Audited - A Control Category or Sub-Control may be marked as ‘Audited’ if there is concrete evidence that the controls are being implemented, usually found in an audit document.
- Set a CISSP Vendor Review Rating — A Rivial Administrator can set the Risk Rating for a CISSP Review based on the evaluated Controls.
- Generate a Summary for a CISSP Vendor Review — A Rivial Administrator can generate a Summary for a CISSP Review that contains data from the Review, such as the Risk Rating and the date.