Through the assessments feature in CloudRadial, you can efficiently run through a series of fully customizable questions to analyze a client's risk and opportunities even comparing the improvements made since prior runs.
It follows a best practice quantitative approach to eliminate subjective differences found in qualitative assessments. This approach makes assessments more comparable, no matter who conducts them.
- Why Use Assessments?
- Getting Started (General Overview)
- Understanding How to Archive Assessments
- Global Overview and Partner Options
Why Use Assessments?
Assessments are a part of the compliance process. Assessments are lists of questions that help to quantitatively note the status of items at a particular point in time.
Typically, this comes about when determining:
- Client compliance with your technical standards
- Client compliance with industry standards
- Clients complying with external regulations
- Clients complying with internal policies
- Your compliance with your service commitments
Assessments document items for review and remediation covering topics such as:
- Cloud deployments
- Work from home setups
- Client onboarding
- Disaster recovery
- Continuity planning
- Office 365 setup
- Migration readiness
- Training requirements
- HIPAA compliance
- NIST compliance
- GDPR compliance
- and much more.
Though assessments are often conducted using Excel, Word, or other internal tools, assessments become much more valuable when they are:
- Comparable between occurrences (runs)
Before diving into using Assessments, there are some terms that should be defined to help understand the assessments feature in CloudRadial. These are:
- Assessment - A standard template of questions covering a specific area of discovery.
- Run - The questions, answers and recommendations that cover an assessment area at a specific time. Runs belong to an assessment. At creation, runs inherit the current set of questions from the assessment. Questions can be added or removed to a run based on the needs at run time. For example, a new server may require an additional set of questions.
- Template - One or more questions that can be imported into an assessment or run.
- Archive - Assessments and their runs that are no longer being regularly updated with new runs but need to be kept for compliance or historical purposes.
In CloudRadial, assessments are located under the Compliance > Assessments section within the feature set of a given client.
When you first navigate to the assessments module, there are three tabs to choose from:
Below, we'll break down how each section works.
Within assessments, you will start off on the Assessments tab by default. In CloudRadial, an assessment and its associated "runs" are the deliverables that you can edit and present to the client.
Assessments can either be created natively from within CloudRadial or uploaded from an Excel document.
For more information on uploading assessments via Excel, please click here.
Creating an assessment consists of naming it, setting it's description, visibility, status, and recommended run interval. Once the assessment has been created, it will behave like a frame to hold any questions that you deem relevant to apply against a client.
1. Modifying Assessments
Most of the control over assessments are handled using the 3 blue dot menu to the right of the assessment's name. Left-clicking on the blue dots next to an assessment opens the following options:
- Open - open the assessment and display any assessment runs that have been created.
- Edit - edit details of the assessment, as well as build questions for the assessment and it's runs.
- Run - run an attempt of the assessment, which you can then fill out and present to the client.
- Add Template - add a template from the second tab to add into the assessment.
- Save as Template - save a copy of the assessment as a template to use in other assessments.
- Export - export a copy of the assessment into an Excel file that you can modify.
- Update - update an assessment from an Excel file, letting you modify an assessment without making a new one.
- Archive - archive the assessment and its runs and move it to the third tab.
Assessments are comprised of questions. Clicking on the Edit option as described in the step above, and then select the Questions tab.
This area will allow you to add questions to the assessment. Each tab within the questions section allows you to customize and add details to the question, from general details to details on risk and remediation.
Once the question has been built, select Submit to finalize its details and add more questions until the assessment is complete.
Adding Compliance Status Notes (8.17.22 Update)
You can also add notes specific to the level of compliance within each answer.
Doing so gives you more flexibility in how you present your assessments to customers and lets you build assessments with longer-form questions. Here's an example using server room security:
The end result is that you are able to invoke the answers to questions much more smoothly.
While it's possible to create a detailed assessment directly within CloudRadial, it's recommended to create it within Excel and upload it into CloudRadial since the management and manipulation of large volumes of data and fields will be significantly faster.
3. Running Assessments
Remember that the assessment is the frame - once it's been built, the next step is to run it for the client.
Select the 3 blue dot menu and select Run. This will launch a run (or attempt) of the assessment, which the assessor will then use to grade the client.
Clicking on the run will display, by default, the name of the assessment followed by a dash and the date of running. It will also display the score and status of the run.
Selecting the run will allow you to see visualizations of the assessment questions broken up by sections, which behave identically to CloudRadial's dashboard feature. Assessors will use the Details tab within the run to perform the assessment and add their findings to each question.
Clicking on each question and selecting Edit at the top right, or by using the 3 blue dot menu by each question and selecting Edit, will put the assessor in the area to modify each question.
Alternatively, for quicker editing, the assessor may also use the Edit Responses button at the top right when viewing a run to quickly assess each question. Selecting Finish Edit at the top right will save the choices selected by the assessor.
Assessors and clients can also view the Recommendations tab within the run to get a breakdown of the potential remediation efforts and costs to fix issues discovered.
4. Scoring Methodology for Assessments
It is possible to receive a negative score for an assessment.
The scoring methodology for questions within assessments is as follows:
- +2 Compliant
- +1 Partially Compliant
- +0 N/A
- -1 Missing
- -2 Not compliant
When in a specific assessment run, you can directly generate a ticket for that question to go to your PSA tool. Selecting a question from within the assessment run will display the option to Submit Ticket:
This will generate a ticket and send it directly to a PSA board. The specific place it will go is dependent on where that question is routed to - by selecting Edit on the question from the top options, you'll see the Routing tab with tokens pointing it to the PSA.
If you are unfamiliar with CloudRadial and its routing tokens, please read more here.
Submitting a ticket through the assessment module will also tie that ticket to the question - the assessment question will have a lifesaver icon next to it and selecting the question will show its linkage to that question within the portal with a ticket number.
Note that you can make mass changes to these routing options via the Excel versions of these assessments. Please read more here.
6. Managing Multiple Assessment Runs
Running the same assessment multiple times is easy within CloudRadial. Once at the overview for a given assessment's runs, the assessor can click on the 3 blue dot menu and have the option of jumping directly to its Summary, Details, or Recommendation tab.
The assessor will also have the option to Edit the run directly, and even delete it if necessary.
The assessor will be able to Export the run into an Excel file to better manage the data within - especially helpful for scoping out the work once the run has been completed.
The assessor also has the option to Update the run from an Excel file - useful for when they need to make sweeping changes in a run but don't want to edit each one manually from within CloudRadial. This will overlay new changes directly onto the original run.
Lastly, the assessor also has the option to Duplicate the run. This is best served for when an assessment run must be re-done with the same base questions already answered. It helps the assessor to build off of the results of a previous run without starting over from scratch.
7. Comparing Assessment Runs
One of the most powerful features of the assessments is the ability to cross-compare runs. This can show the client growth, progress, and maturity of IT efforts over time.
When multiple runs are completed for a given assessment, you can click on the Compare option at the top right of the assessment runs to get a side-by-side view of how things scored for up to 4 previous runs.
Templates serve an optional purpose for the overall assessment feature. They bundle questions together for usage in assessments as building-block modules.
1. An Example of How Templates Work
While assessments can be created and ran in totality without using the template feature, it can be extremely useful to instead bundle questions into templated segments that can be used as building blocks for future assessments.
For example, instead of having one giant assessment on security applied to every client, an MSP may decide it's better to part out each section of the security assessment into separate templates that they can then assemble into a better assessment for their clients.
Let's say our assessment is broken out into 5 templated sections, on:
- Digital Media
- Physical Protections
- Regulatory Compliance
Then the MSP can now put together an assessment with any combination of the five building blocks available to form their new assessment.
A client without regulatory compliance or digital media concerns can have an assessment put together of just templates 1, 2, and 4.
Assessments can be saved as Templates, and Templates can be saved as Content within CloudRadial's Partner > Content area. These templates can then be re-used for other clients to form scalable building blocks for assessments at a large scale.
Doing so requires two steps. First, we must create a content package to hold the assessment questions:
- Navigate to your Partner > Content area
- Create a new content package of the Assessment Template type
- Set content package name, user groups, and company groups as needed
Once that's completed, we must save the created assessment questions as a Template within any given client's Compliance > Assessments > Templates (tab) area. This is the only section that allows assessment questions to be saved back to Partner > Content. We will be using the content package created in the previous step as our destination to hold our questions.
- Import/create assessment questions and save it within the Compliance > Assessments > Templates (tab) of any client company.
- It's recommended that you use your own main Partner company as the host of the data.
- Once uploaded, select the template and use the orange Save As function to save the assessment template to the folder created previously.
- Navigate to Partner > Content and publish the content package to the relevant audience.
The assessment questions will now be available for use for the audience of the content package. The questions will be loaded in their Compliance > Assessments > Templates (tab).
Archives are the area where assessments and their respective runs can be stored out of sight when no longer needed.
Understanding How to Archive Assessments
To archive an assessment, locate it within Compliance > Assessments and use the three blue-dot menu to access the Archive option.
Once selected, the assessment will be moved to the Archives tab. Note that once the assessment has been archived, it's subsequent runs will be hidden alongside with it.
The data for archived assessments and runs can be restored by selecting Unarchive. This option will put the assessment back in its place with the original runs intact.
Global Overview and Partner Options
CloudRadial partners also have the option of seeing a global view for all assessments and runs by navigating to the Partner > Assessments area within the feature set.
They have the option of seeing an overview summary, or even the schedule for upcoming assessments (which is established on the assessment at the individual client level).
Partners also have the option of editing or creating their own response groups by clicking on the Settings option within this area. This allows partners to create responses other than the pre-loaded options - which is useful for localization as well.