Add document storage and linking to controls

bmarsh9 / gapps

Security compliance platform - SOC2, CMMC, ASVS, ISO27001, HIPAA, NIST CSF, NIST 800-53, CSC CIS 18, PCI DSS, SSF tracking. https://gapps.darkbanner.com

Other

440 stars 99 forks source link

Add document storage and linking to controls #2

Closed SupaChop closed 2 years ago

SupaChop commented 2 years ago

Add a document management/storage system with the ability to link documents to specific controls as evidence. Ideally with markup capabilities so assessors can reference the documents within the application without leaving it.

bmarsh9 commented 2 years ago

@SupaChop This is a good suggestion. If I understand correctly and from a user perspective, you would navigate to the "Evidence page". Inside that page, you can upload evidence there and link it to multiple controls within a project.

Currently you can upload evidence to each control but there isn't a view that shows "all evidence mapped to each control".

SupaChop commented 2 years ago

Yes, successful assessment management software I've worked with has integrated this function, with the ability to view something like a file tree broken down by control and related evidence. This is helpful when cross referencing as well.

bmarsh9 commented 2 years ago

Addressed in https://github.com/bmarsh9/gapps/pull/11