Compliance Policies are a powerful feature within CloudRadial that enable MSPs to communicate technical standards to clients in an accessible way.
This article explains how policy scoring works and how to configure it for optimal client communication and specifically, what controls a Green, Yellow, and Red score.
What is Policy Scoring?
Policy Scoring is the system CloudRadial uses to evaluate compliance and visualize technical standards across your client base. This system has some base parameters that ship as standard with the system, but it's ultimately up to the Partner to set the "severity" of policy exceptions with their own preferences.
The scoring system determines:
- How severely a policy exception impacts the overall category risk score
- How policy exceptions are displayed and calculated
- The color-coded status (red, yellow, green) displayed in reports and dashboards
How Policy Scoring Works
The basic scoring logic in CloudRadial works as follows:
- Green (Score = 0): Everything passes the policy criteria
- Yellow (Score = 1-99): Some issues exist but aren't critical
- Red (Score = 100+): Critical issues exist that need immediate attention
When configuring a policy, you'll set three key scoring parameters:
1. Risk Category
Select which category the policy should impact:
- Security
- Productivity
- Efficiency
- Backup
- Etc.
This categorization ensures that policy failures affect the appropriate area of your compliance reporting. Each policy is attributed to a specific category for the benefit of end users. These categories ensure that even technical remarks stay buisness-oriented and understandable at all times.
2. Risk Score
Determine how many "points" are deducted when a policy check fails. This could be any value, but our general recommendations include:
- Low impact issues: 5-25 points
- Medium impact issues: 25-75 points
- Critical issues: 75-100+ points
For example:
- A OneDrive mapping issue might be worth 5 points
- Low disk space might be worth 50 points
- Missing antivirus software might be worth 100 points (automatically flagging a category as red)
3. Scoring Methods: "Each" vs "Any"
CloudRadial offers two scoring methods to provide flexibility in how you measure policy compliance:
Each
- Every device that fails the policy adds the full point value
- Example: If three computers fail a 100-point policy, the total would be 300 points
- Use this method when you want to emphasize the scale of a problem (more failures = higher score)
Any
- The policy only counts once, no matter how many devices fail it
- Example: Even if 50 devices fail a 100-point policy, it only counts as a total of 100 points
- Use this method to prevent extremely high scores and treat the issue as organization-wide
- Particularly useful for policies that could generate alarming scores that might overwhelm clients
Configuring Risk Scoring
Risk scoring is configured on each policy. You can also get an overall score by category by selecting By Category at the top of the Compliance > Policies section.
Configuration of scores can be completed as follows:
- Navigate to the policies section under Compliance > Policies
- You can also achieve this from Partner > Content, in a Policies content package
- Select an existing policy or create a new one
- Scroll down to the Risk Scoring section
- Select the appropriate Risk Category
- Enter your desired Risk Score value
- Choose between Each or Any for your scoring method
- Submit your changes, and Publish them (if applicable, from Partner > Content)
The policies will reflect their appropriate category score when each exception is found.
Comments
0 comments
Article is closed for comments.