
Logical evidence candidates for Automated Collection

More than half of a typical SOC 2 customer’s evidence items can be automatically collected from one of our available integrations.

Written by Stephanie Lorraine
Updated over a year ago

When should I use Automated Collection?

If you have any of our integrations configured, you can use our Automated Collection feature, which helps you keep your Evidence Repository up to date during your monitoring period. That said, Automated Collection is not necessarily the best course of action for every evidence item. Before setting all evidence items up for Automated Collection, consider the following:

Is the location of this file consistent, year over year?

When setting up an integration, you choose a specific location/integration point. Our recollection service travels the same integration path to retrieve the updated evidence attachment 2-3 days ahead of the evidence's expiration date. If a file is not consistently in the same location, you may want to upload it manually upon its expiration. For details on how each integration works in tandem with Automated Collection, check out the individual page for the integration.

Is this item something that needs to be reviewed or revised?

Policies are a great candidate for automatic collection, but your team needs to ensure that they are reviewed annually, and that the documentation of the review is noted within the Revision History table at the conclusion of the document. Luckily, you will still get an email notification about evidence items expiring, even if the evidence is set to automatically collect. Therefore, be sure to use those notifications as a trigger to perform your annual policy review.

Examples of evidence items that are commonly configured to automatically collect:

  • All Policy type evidence items (as long as they are properly reviewed annually).

  • Employee List: Use our HRIS integration to provide a system-generated list of all employees employed by the organization during the monitoring period.

  • Access Removal Procedures/Checklist: Use our Google Drive or Office365 integration to upload a procedure/checklist that's only updated occasionally.

  • Administrator Access to Application/Database/Network/Cloud: Use our Terraform integrations for your AWS, Azure, or GCP cloud infrastructure to easily (and automatically) collect settings for admin access.

  • Change Management - Developers: Use our GitLab integration to provide a system-generated list of the developers.

  • Risk Assessment Procedures: Use our Google Drive or Office365 integration to provide the document governing the risk management process.

  • Termination Procedures: Use our Google Drive or Office365 integration to provide the termination procedures for off-boarding terminated employees and contractors.

For more guidance on using the Automated Collection feature, check out our Automated Evidence Collection article.
