FAQ

1. How do I go from the global cockpit level to the site level?

To navigate from the global cockpit to the site level, simply click on the site name from the list of available sites or select the site directly from the map.

2. What are Controls?

The term Controls is used to refer to specific security measures or actions implemented to manage and mitigate risks. These controls can include physical security measures (e.g., access control systems, CCTV, guards) as well as procedural controls (e.g., response protocols, audits). Each control is associated with a provider, agreed service levels, and KPIs to monitor its performance.

3. How can I create and manage security controls?

To create security controls:

• Go to the Global Cockpit page and select a location.
• Add providers in the Providers menu.
• Navigate to the Security Controls menu and add the controls you wish to monitor.
• Fill in the details, such as the control type, provider, service levels, and associated costs.
• Controls can be updated later by clicking the Edit button next to the control.

4. How do I create and manage KPIs or audits for security controls?

To create KPIs:

• Navigate to the KPI's page under Management and select the relevant control type.
• Add a new KPI, filling out information such as scoring type (percentage or choice list), breach thresholds, targets, and the people responsible for scoring.
• The KPIs will now be available for scoring for all users with the appropriate access. Notifications will be sent to users added as 'contributors.'

5. How do I add new users to the platform?

You can add new users via the User Management page:

• Check the available user slots at the top of the page.
• Assign the new users to locations and roles based on their responsibilities.

6. How do I add new locations to the platform?

You can add additional locations via the Location Management page:

• Check the available location slots at the top of the page.
• Click Add New Location and complete the required information.

7. How do I score KPIs?

To score KPIs:

• Go to the Performance Assessment page at the site level and click on Add New Control Performance.
• Select the control you want to score from the list and input your assessment.
• Add comments and, if necessary, action plans for any breaches in the KPI.
• The score and indicator will update immediately, and you can edit the score if required.

8. How do I input actual costs for controls?

To input actual costs for controls, this is done in the Cost Assessment page. Simply complete the available cost indicators and add an optional narrative. If you want to measure other cost indicators, contact Pronect support via your Central Admin.

9. How can I monitor control performance?

You can monitor control performance using the Global Cockpit - Performance Dashboard and the Control Performance table on the Site Dashboard:

• Global Dashboard: Compare performance across different sites, including control scores, breaches, and trends over time.
• Site Dashboard: Get detailed tracking of each control’s performance for a specific site, including month-over-month comparisons.
• To view a full report for a specific control, go to the Performance Assessment tab, select the relevant month and control, and click the Edit button to open the detailed report.

10. How do I create and follow up on action plans?

To create an action plan:

• Navigate to the Action Plan page and click Add New Action Plan.
• Action plans can also be created directly when scoring KPIs.
• To follow up, filter by location, owner, or priority. You can also update action details as needed.

11. How do I conduct a risk assessment?

To begin a risk assessment, go to the Risk Assessment page:

• Click Create New Risk and select from the predefined options to generate a risk statement.
• Assess the consequences and likelihood, then adjust using the provided sliders and the guidance that appears when changing the score.
• After assessing, save the risk to treat and monitor it in the system.

12. How does risk treatment work?

Once a risk is assessed:

• Select security controls from the security inventory to mitigate the risk.
• Adjust the likelihood and consequence based on the controls applied.
• Save the treatment to monitor the risk over time.

13. How do I monitor and update risks?

To monitor a risk:

• Go to the Risk Monitoring page, where you can adjust likelihood and consequences based on new information.
• Use the monitoring feature to stay proactive and update the risk as conditions change.
• Consider updating the residual risk if changes persist.

14. How do I view key information on the site dashboard?

The site dashboard presents three key metrics:

• Risk Matrices: Showing inherent risk, residual risk (default on the left), and adapted risk (default on the right).
• Performance: Control scores and trends for a selected month.
• Costs: Planned versus actual costs for security.

Regular monitoring of these elements ensures your security measures are balanced and optimised.

15. What is the difference between inherent and residual risk?

• Inherent Risk refers to the level of risk before any security measures or controls are applied. It represents the natural exposure to a threat or vulnerability in its raw state.
• Residual Risk is the level of risk that remains after security controls have been implemented. This is the risk that is still present even with mitigation efforts, reflecting how effective the controls are in reducing the threat.

Monitoring both types of risk helps to ensure that security controls are effectively managing risks and highlights areas where further action may be needed.

16. How do I integrate external data sources into Pronect?

Pronect supports the integration of external data sources, such as guard reports, incident reporting tools, and HR data. Once integrated, these sources automatically feed into Pronect’s Performance Assessment, Risk Monitoring, and dashboards, enabling real-time analysis and monitoring. To set up these integrations, please contact the Pronect team for assistance.

17. How does Pronect help with compliance?

Pronect simplifies compliance management by ensuring that your organisation adheres to industry regulations:

• Add the necessary controls to the Control Inventory to track compliance requirements.
• Create KPIs for each mandatory control using the Choice List input type, and select Compliance as the KPI focus.
• Regularly assess compliance by scoring these KPIs during performance reviews.
• Use the Global Dashboard's Performance tab to view compliance levels across all sites, clearly showing adherence to compliance standards.
• In the event of non-compliance, create and manage action plans to address gaps and ensure timely resolution.

18. How can I calculate the return on security investment (ROSI)?

You can calculate the return on security investment (ROSI) in Pronect using the following steps:

• In the Risk Assessment page, assess the likelihood and consequence of inherent risks. Based on this, Pronect calculates the Annual Loss Expectancy (ALE), which represents the potential financial loss a company could face each year without any security measures in place.
• In the Risk Treatment page, after applying security controls, the ALE is recalculated. The difference between the total ALE of inherent risks and the total ALE of residual risks shows the value of the risk reduction achieved through security measures.
• The total cost of the security controls can be found on the Security Inventory page.
• To calculate ROSI, compare the total risk reduction (in terms of ALE) with the total cost of the security controls, demonstrating the value and effectiveness of your security investments.

19. How to update my password?

You can update your password, via the 'Forgot password' function using the following steps:

• Log out by clicking on the Exit symbol next to your name in the upper right corner of the screen.
• In the log-in window, before entering your password, click on 'forgot password'. 
• A code will be sent to your mailbox to update your password.