Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Feature Request: Duplicate Project for internal audit #96

Open
Jamesw151619 opened this issue Oct 16, 2023 · 0 comments
Open

Feature Request: Duplicate Project for internal audit #96

Jamesw151619 opened this issue Oct 16, 2023 · 0 comments
Labels
easy enhancement New feature or request

Comments

@Jamesw151619
Copy link

Last one and ill try to leave you alone for a bit :)

With the new idea that Projects may be ongoing indefinitly to miantain certification/compliance, this idea was proposed in a previous feature request to add scheduled tasks that have a frequency associated with them, which may take a project back to uncertificed/non-compliant level. however there are some items that may be satisfied just by having them, for example having a code of conduct, ot having a policy that you states background checks new hires is required. an organizations might want to do a point in time audit of their posture to make sure these "event driven tasks" are being performed.

This audits might only be internal, so companies may not want to affect the "ongoing project", or they may only be testing a certain department. Since setting up a new project with owners is very tedius since you are reacreating your entire security/business posture. I believe having a feature that allows you to copy an entire project and rename it, and remove ongoing tasks as mentioned in that previous feature request, would be very nice (nobody wants dupe alerts).

In my scenario, i have risk assessments that state we need to perform, at least quarterly, an audit and patch of security vulnerabilities found an any open source code we use. I would want to create a new control for this and assign it to a team member. Without affecting my current project, i want to perform an internal audit of my risk assessments, and have the results logged away in my database forever. if i have to create a new project, i will surely miss this as its custom and won't be added to a new project automatically.

This feature also looks to be handy with the new multi tenancy you have added, as independent auditors/preppers might start using the program to help keep their clients in order. i would assume they would like the ability to basically do dry run audit without it logging in the main ongoing project as clutter.

@bmarsh9 bmarsh9 added enhancement New feature or request easy labels Oct 16, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
easy enhancement New feature or request
Projects
None yet
Development

No branches or pull requests

2 participants