System Authorization

Ryskview includes a module for System Authorization.  It can be accessed within a System Profile, by clicking on the Authorizations tab.  

New Authorization

In order to start a new Authorization workflow, click “New Authorization”.   Only the System ISSO can start a new workflow.

Select the Authorization Type. 

Select the Controls Assessment that will be used to evaluate the system controls.  (Note that this is a reference for the evaluator.  The selection does not change, freeze, or otherwise alter the control set)

Select the Workflow.  Ryskview has customizable workflows based on the designations.  If the default workflow needs to be changed or additinoal workflows need to be added, just contact your Ryskview Administrator.

Add a comment.  Then click Submit. 

View System Authorization Details

Once submitted the Authorization workflow will display in the top pane.  Click on the Details button to display the current assignee and the history of the authorization workflow.  

Select the Log Work button to Add a Note, Assign the Workflow to the next assignee, or complete the workflow as Authorized, Not Authorized, or Cancelled.

Assignee Notification

The assignee of the System Authorization Workflow will be notified in their Dashboard > To Do List tile (as shown in screenshot below).  From here, the user may click they hyperlinks to get to the workflow page.

Multiple workflows may be active for the same System simultaneously. A specific user may also have multiple workflows assigned to them.  

System Data during a System Authorization Workflow 

The System Authorization workflow is a documented process to enable submission, evaluation, and authorization.  Because the security posture of a system is dynamic and constantly changing, Ryskview does not freeze the System data or data elements.