Dashboard (Home)

The dashboard is a quick and easy way to see your security posture across your entire Secureframe instance.

Search

Homepage: Charts, Action Items and Frameworks

The Secureframe homepage offers many quick and easy way to see your security posture across your entire Secureframe instance.

Homepage Charts

At the top of the Secureframe home page, you will notice a few charts to measure test, control, and vendor health. 

  • Testing - this graph measures the percentage of passing test among all your frameworks. You will see statuses for Passing, Failing and At Risk, which means those are about to fail as they reach the due date. 
  • Control Health - this graph measures the percentage of control health. You will see statuses for Healthy, Unhealthy, At Risk, and Not Tested, which again correlate to test associated with specific control families and their overall state.
  • Vendor Health - this graph measures the number of Vendors and their associated risk level. You will see status for Critical, High, Very High, and more depending on the state of the vendors risk assessment.

Note: While the color of both (testing & Control Healthy) dashboards are more indicators of action items, the Vendor Health dashboard color indicates that the risk risk level. 

Control Health Categories

Secureframe assigns a health status to each control based on whether the associated tests are passing or failing. These statuses help you quickly assess where your compliance posture stands and what needs attention.

Health Status Description
Healthy All required tests for the control are currently passing.
🟢 Healthy (overridden) Test may or may not be passing, but the control has been manually marked as healthy—often because the tests are not relevant or alternative evidence was provided.
Unhealthy One or more required tests are failing. Review the failed tests to determine the cause and remediate.
⚠️ At Risk Test may be using a Tolerance Window and indicates the test will move into a failing state soon. 
🚫 Not Tested The control has no enabled tests or all associated tests have been disabled. Often seen in newly added frameworks or when scoping is incomplete.

Action Items

This section of the page focuses on and tracks all time based activity in Secureframe, including reviews, Test due dates, evidence expiration, and task due dates.

You can expect to see events such as:

  • Expiring Evidence - evidence may need to be updated monthly, quarterly and or annually
  • Task that are due - tasks created in Secureframe for teammates that are due
  • Vendor Reviews - vendor reviews may be required on an annual basis depending on the data they share with your company

These action items will be present with a Name, Event type, Owner, and Due Date to ensure your team is in compliance with necessary action items.

You can also click on the arrow next to All Events to review these action items in more full detail, and or link to the action item in question. 

Active Frameworks

The last portion of the homepage will be a framework widget that shows all of your Active Frameworks. This will show all frameworks that are active in your Secureframe instance, as well as what % of Tests are passing for that framework.

Available frameworks

In addition to active frameworks, our available framework section will provide the exact number of overlapping controls based on the current frameworks you have. 

This will allow you to see the advantages of adding a ISO 27001 if you are already pursuing a SOC 2 given the high number of overlapping work. 

Tasks Notifications

The Task and Notification feature in Secureframe empowers you to create notifications and tasks in response to specific event triggers within the platform. This feature ensures that important tasks and events are seamlessly incorporated into your day-to-day workflow tools, allowing for efficient management and tracking.

Tasks and notifications allows you to more effectively track outstanding issues, tasks, and events using the Secureframe platform. We understand the significance of integrating Secureframe into your preferred project or ticket management tools.

Currently, we offer integrations with EmailSlack, Jira, ClickUp, Linear, Microsoft Teams, and Zendesk to seamlessly connect your Secureframe notifications and tasks to these platforms.

Click here to see our full Tasks Notification guide

Frequently Asked Questions (FAQ)

What is required for a test to be displayed in the Action Item widget?

  • For a test to be displayed in the Action Item widget, it must have a configured due date. Tests without a due date will not be shown in the Action Item widget, even if they are in the queue. The Action Item widget is designed to help users keep track of upcoming due dates for their tests, so it only displays tests that have a due date set.

Why isn't my test showing up in the Action Items dashboard widget?

Only tests with configured due dates will appear in the Action Items widget. This widget is designed to surface upcoming work, not already-failed tests. Specifically:

  • Upload tests with an upcoming due date will appear in the widget as they approach their deadline.

  • Tests without a due date configured, or tests that are already failing, will not appear in the Action Items widget.

  • This helps prioritize upcoming evidence collection tasks rather than displaying already-failed or overdue items.

To ensure tests appear in Action Items, make sure the test has:

  • An interval set (e.g., annually)

  • A due date

  • Is not already failed or overdue

Learn more about configured due dates, test intervals, tolerance windows and more here

 

Was this article helpful?

Have more questions? Submit a request

Comments

0 comments

Article is closed for comments.