Features
Features
17 articles
Getting Started
This guide explains how to get started with the FEHA GRC Platform and access its main features. Logging In Users can access the FEHA GRC Platform through the login page at fehagrc.com. The login process begins by entering an email address to receive a secure login link. After submitting the email, the system sends a login link to the user's inbox. The platform can be accessed by opening the link. FEHA GRC also allows you to sign in with Google or Microsoft accounts. This option allows users
Settings
Company Use this feature to update company profile information, including name, address, and contact details, to keep records accurate and current. 1. Open the Settings page. 2. Select the Company tab. 3. Enter the latest company information in the required fields. 4. Click Update Company to save your changes. Config Pages The Config Pages submenu manages system configuration at the module level. It allows you to enable or disable compliance modules and set notification cycles to align
Profile
Use the Profile menu to manage your personal information, compliance requirements, and assigned assessments. Approving a New Policy This section outlines how to approve a newly assigned policy. 1. Open the Profile page. 2. Select the policy row marked with an orange exclamation icon. 3. Select Approve at the bottom of the page. Note: Policies must be approved to become effective. Completing a Vendor Risk Assessment This section explains how to complete an assigned vendor risk assessme
Framework Management
The Framework Management menu allows you to manage compliance frameworks and their controls. It supports activation, control assignment, evidence management, and progress tracking within a structured workflow. Getting Started with Framework Management What is Framework Management? Framework Management helps organizations align their controls and evidence with recognized standards or compliance frameworks (e.g., ISO, SOC 2, NIST). It provides a structured way to track compliance, identify ga
Risk Management
Getting Started with Risk Management What are risks? Risks are identified threats and vulnerabilities that can impact your organization. The system helps you systematically assess and manage these risks by: * Risk identification – Mapping threats and vulnerabilities * Impact assessment – Estimating likelihood and consequences * Risk treatment – Accepted, Mitigate, or Transferred * Control linking – Assigning measures to mitigate risks * Monitoring – Tracking progress of risk treatment
Policy Management
Getting Started with Policy Management What is Policy Management? Policy Management is the process of creating, organizing, approving, and maintaining organizational documents such as policies, procedures, agreements, and plans. The system helps ensure that all documents are properly governed, up-to-date, and accessible to the right stakeholders. With Policy Management, you can: * Create documents – Generate AI, manual authoring, or upload existing files * Standardize documentation – Ensu
Asset Management
Getting Started with Asset Management What is Asset Management? Asset Management is the process of identifying, organizing, and maintaining all assets within your organization. This includes both physical and digital resources that support business operations. By managing assets effectively, you can: * Maintain visibility – Keep a centralized inventory of all assets * Improve security – Identify and protect critical assets * Support risk management – Link assets to risks and controls *
Vendor Management
Getting Started with Vendor Management What is Vendor Management? Vendor Management is the process of evaluating, monitoring, and managing third-party vendors that provide products or services to your organization. It ensures that vendors meet security, compliance, and performance standards while minimizing risk. With Vendor Management, you can: * Assess vendor risk – Identify and evaluate potential risks * Monitor vendor performance – Track status and review cycles * Ensure compliance –
Privacy Management
Getting Started with Privacy Management What is Privacy Management? Privacy Management is the process of identifying, assessing, and managing risks related to personal data processing within your organization. It helps ensure compliance with data protection regulations and safeguards individuals' privacy. With Privacy Management, you can: * Document data processing activities – Maintain records of how personal data is used * Ensure compliance – Align with data protection regulations (e.g.
Users
Getting Started with Users What are Users? Users represent individuals within or associated with your organization who interact with the system. Proper user management ensures the right people have appropriate access, responsibilities, and visibility based on their roles. With User Management, you can: * Control access – Assign permissions based on responsibilities * Define roles – Distinguish between internal and external users * Ensure accountability – Assign ownership across modules
User Journey
The Users Journey menu offers insight into user compliance activities and personnel documentation. It enables compliance monitoring, document management, and user status tracking throughout the user lifecycle. Sending a Compliance Reminder Use these steps to send a compliance reminder to a user. 1. Open the Users Journey page. 2. Select the Compliance Reminder option on the relevant user row. 3. Select Send Reminder to confirm. Note: Compliance reminders notify users to complete required
Device Monitoring
Getting Started with Device Monitoring What is Device Monitoring? Device Monitoring allows you to track the status and availability of devices within your organization in real time. This helps ensure that systems are operational, detect issues early, and maintain business continuity. With Device Monitoring, you can: * Track device status – Monitor whether devices are online or offline * Detect issues quickly – Identify downtime or connectivity problems Device status Each device is assi
Company Activities
Getting Started with Company Activities What are Company Activities? Company Activities provide a centralized log of actions and events that occur across the system. This helps organizations monitor operations, track changes, and investigate issues effectively. With Company Activities, you can: * Track system events – Monitor actions across all modules * Improve transparency – See who did what and when * Support auditing – Maintain a history of activities * Detect issues – Identify warn
Security Scanner
Getting Started with Security Scanner What is Security Scanner? Security Scanner is a tool used to automatically identify vulnerabilities and security risks within your systems, applications, or infrastructure. It helps organizations proactively detect weaknesses and take corrective actions before they can be exploited. With Security Scanner, you can: * Identify vulnerabilities – Detect security issues across systems * Assess risk levels – Classify findings based on severity * Monitor sc
Continues Testing
Getting Started with Continuous Testing What is Continuous Testing? Continuous Testing is the process of regularly reviewing and validating key elements such as risks, vendors, evidence, and policies to ensure they remain accurate, effective, and compliant over time. With Continuous Testing, you can: * Maintain compliance – Ensure ongoing alignment with standards and policies * Detect issues early – Identify outdated or ineffective controls * Automate reminders – Schedule periodic review
Trust Page
Getting Started with Trust Page What is a Trust Page? A Trust Page is a centralized view that allows organizations to showcase their compliance, security posture, and governance practices to internal and external stakeholders. It helps build transparency and trust by presenting relevant controls, policies, and evidence in a structured way. With a Trust Page, you can: * Showcase compliance – Display controls and frameworks * Share evidence – Provide supporting documentation * Increase tra
Ticket
The Ticket menu is used to create, search, and manage support tickets, including submitting new requests and communicating through comments for issue tracking and resolution. Creating a New Ticket This section explains how to create a new support ticket. 1. Open the Ticket page. 2. Select Create New Ticket. 3. Complete the ticket form. 4. Select Submit Ticket. Note: Provide a clear title and description to help resolve your ticket quickly. Searching Ticket Titles This section explain