Usability

Usability

WMC GmbH works constantly on the optimization of the usability of their GRC solution QSEC. By introducing the “Hamburg menu” and the tiled view, the usability and clarity was further improved. The user interface and navigation structure allows even users without expert knowledge to intuitively and quickly edit the process steps in the selected modules.
Furthermore, intuitive and self-explanatory icons are used on each interface and a configurable color scheme is used, taking into account common ergonomics standards (ISO etc.).

Features (excerpt)

  • Expert and user mode
    • Expert mode with clear, individually adjustable table overviews
    • User mode with guided workflows
  • Clear start page with user guidance
  • Definition of machining favorites
  • Topic tabs / tabs
  • Individual customer logos per business unit
  • Visual adaptation of QSEC to corporate identity requirements

 

 GRC solution – global processing status – degree of implementation

QSEC® GRC solution – global processing status – degree of implementation

 GRC solution – Global processing status – Compliance tile technology

QSEC® GRC solution – Global processing status – Compliance tile technology

QSEC modules

Data-Protection-Management-System-QSEC Information_Assets Compliance_Management_System
IT-Risk-kachel Security Incident Management Measure-Management
Document-Management Master-Data-qsec Business_Continuity_Management
Reporting-Dashboard Interview-Wizard Interview-transfer-Wizard
Compliance-Wizard Risk-Assessment-Wizard Security-Level-Wizard
Measure-Evaluation-Wizard Usability Task-Manager
Administration Technology

Technology

Technology

QSEC® is a browser-based web solution – no software installation on the client!

 

Web front-end for multilingual, browser-based (current browser versions e.g. Chrome, Internet Explorer, Firefox etc.), company-wide access to the software;

  • Creation of current .NET technology
  • Use of Microsoft
    • Enterprise/GRC: SQL Server 2017, MS Windows Server 2019 and previous versions
    • QSEC® Easy Express: SQL-Server 2017 Express with Advanced Services and MS Windows Server 2019 and previous versions, Windows 7
  • Encryption of communication via SSL

 

QSEC technology

QSEC modules

Data-Protection-Management-System-QSEC Information_Assets Compliance_Management_System
IT-Risk-kachel Security Incident Management Measure-Management
Document-Management Master-Data-qsec Business_Continuity_Management
Reporting-Dashboard Interview-Wizard Interview-transfer-Wizard
Compliance-Wizard Risk-Assessment-Wizard Security-Level-Wizard
Measure-Evaluation-Wizard Usability Task-Manager
Administration Technology

Task- / Workflow Manager

Task- / Workflow Manager

The QSEC® Task Manager is a tool that can be used as a supplement to measures management. It enables the

  • quickly,
  • simple and
  • dynamic
creation, assignment and edition of tasks.

 

 

The manual creation of new tasks is provided in all modules of the ISMS software QSEC®. Within the task creation functionality, the responsible person and processor can be maintained. Notification functions and the integration of the tasks with the Outlook calendar are available.
Additionally, tasks are created automatically by the system. For example, if a change in the evaluation of information for related business processes and assets requires a new evaluation. This prevents content from becoming unnoticed.

 

The task list (see screenshot), which is displayed on the overview page, serves as a quick overview in Task Management. Here you can see at a glance the next upcoming tasks including

  • due date,
  • Status and
  • Priority.
 

The functions prioritization, status tracking and dating help to process the recorded tasks efficiently.
By assigning links to the respective task, the user is quickly guided to the right place – regardless of whether the pages are linked within QSEC®, the internal folder structures or web pages.

 

The Task Manager is also the starting point for the QSEC Workflow Manager. Each task can be used for a workflow. The following standard workflows are available in QSEC:

  • Action Confirmation Workflow
  • Exceptional approval workflow
  • Measures status change workflow
  • Risk Acceptance Workflow

User-specific workflows can be created individually in the extended administration via the Workflow Engine.

 

Screenshot Task overview at the homepage of QSEC

Screenshot Task overview at the homepage of QSEC

Example-action-confirmation-workflow

Sreenshot QSEC Workflow Manager / Example action confirmation workflow

QSEC modules

Data-Protection-Management-System-QSEC Information_Assets Compliance_Management_System
IT-Risk-kachel Security Incident Management Measure-Management
Document-Management Master-Data-qsec Business_Continuity_Management
Reporting-Dashboard Interview-Wizard Interview-transfer-Wizard
Compliance-Wizard Risk-Assessment-Wizard Security-Level-Wizard
Measure-Evaluation-Wizard Usability Task-Manager
Administration Technology
7

QSEC product variants

QSEC® EASY EXPRESS
QSEC® ENTERPRISE
QSEC® GRC

7

Further information

GRC software
IMS advantages and benefits
QSEC Video

7

QSEC Online-Demo

Register now!

Master Data Management

Master Data Management

In QSEC master data management, the necessary data for the QSEC® software is set up in a simple and flexible manner.

QSEC master data consists of all user-specific company data that is required for the implementation of compliance, measures, document and risk management, such as

  • Legal entities and organizational units
  • Scope with the definition of In-Scope and Out of Scope
  • Employees with authorizations and responsibilities
  • Employee Roles
  • Teams
  • Addresses
  • Service provider
  • Responsibilities
Master Data Management – Organizational Units Overview

Master Data Management – Organizational Units Overview

Features (excerpt)

  • Recording of the entire or relevant company structure in organizational units;
  • Creation of scopes (combination of organizational units and related norms and standards) for the ISMS and other norms;
  • Import of employee master data from Active Directory/LDAP or SAP;
  • Team functionality and assignment of responsibilities;
  • Role-based rights management;
  • User-specific task overview after login;
  • Succession and substitution regulations;
  • Mail notification about current resubmissions;

QSEC modules

Data-Protection-Management-System-QSEC Information_Assets Compliance_Management_System
IT-Risk-kachel Security Incident Management Measure-Management
Document-Management Master-Data-qsec Business_Continuity_Management
Reporting-Dashboard Interview-Wizard Interview-transfer-Wizard
Compliance-Wizard Risk-Assessment-Wizard Security-Level-Wizard
Measure-Evaluation-Wizard Usability Task-Manager
Administration Technology

Security Level Wizard

Security Level Wizard

The IT security status in the entire company should be transparent and measurable. Security level management (SLM) as a quality assurance system is part of the responsibility of the CSO (Chief Security Officer), CISO (Chief Information Security Officer) or CIO (Chief Information Officer). The implementation carried out in QSEC conforms to IEC 62443.

The goal of SLM is to actively determine the security status to

  • plan,
  • to be adjusted,
  • monitor and
  • improve.

The QSEC Security Level Wizard is designed for the SLM responsible in the company and serves for recommendation and confirmation of security levels. The user is intuitively guided through the different steps in order to ensure an efficient procedure.

The SLM responsible is able to identify the asset groups with high security levels. In the next step these are transferred to the managing director in order to be approved by him via the wizard.

Security-Level Management

QSEC Security Level

QSEC modules

Data-Protection-Management-System-QSEC Information_Assets Compliance_Management_System
IT-Risk-kachel Security Incident Management Measure-Management
Document-Management Master-Data-qsec Business_Continuity_Management
Reporting-Dashboard Interview-Wizard Interview-transfer-Wizard
Compliance-Wizard Risk-Assessment-Wizard Security-Level-Wizard
Measure-Evaluation-Wizard Usability Task-Manager
Administration Technology