Smart User Mentions allow you to tag team members directly in comments throughout Secureframe, ensuring the right people are notified about important discussions and action items.
Overview
When you mention a user in a comment using the @ symbol, they receive an email notification with a direct link to view the comment. This feature helps streamline communication and keeps your team aligned during audits, risk assessments, and compliance activities.
How to Use Smart User Mentions
- Navigate to any comment section within Secureframe
- Type the @ symbol in the comment field
- Begin typing the name of the user you want to mention
- Select the user from the dropdown list that appears
- Complete your comment and add comment
The mentioned user will receive an email notification containing your comment and a link to view the conversation.
Where Smart User Mentions Are Available
Smart User Mentions work in comment sections across Secureframe, including:
- Tests: Internal comments on test details
- Audits: Comments within audit tests and audit completion workflows
- Controls: Comments on control details and implementation discussions
- SSP Report Requirements: Comments tied to specific SSP sections and requirements
- Evidence: Comments on uploaded evidence for tests
- Test Evidence: Comments within both the Audit Module and Test Module
- Risks: Comments on company risk items
- POA&M Items: Comments on POA&M findings, remediation, and status updates
Vendors: Comments on vendor risk details and security reviews
Email Notifications
When you're mentioned in a comment, you'll receive an email that includes:
- The comment text with your mention highlighted
- The name of the user who mentioned you
- A link to view the comment in Secureframe
Deep Link Behavior by Location
When clicking the link from a mention notification email, you'll be directed to the relevant area in Secureframe. Depending on where the comment was made, the link behavior varies:
Full Deep Link Support
The following areas support direct deep linking that opens the exact comment location:
| Location | Link Behavior |
| Tests (in tests Module) | Opens the test slideout with comments visible |
| Tests (in the Audits Module) | Opens the audit test with the comments panel displayed |
Partial Deep Link Support
For some areas, the email link will take you to the relevant page, but you may need to navigate one additional step to view the comments:
| Location | Current Link Behavior | To View Comments |
| Company risks | Opens the risk details page | Open the comments slideout |
| Evidence (Tests uploads) | Opens the test slideout on the "Evidence" tab | Open the evidence item details, then view comments |
| Vendor risk details | Opens the Vendor risk details page | Open the comments slideout |
| Vendor security review answers | Open the internal review section | Open the relevant Q&A to view comments |
| Vendor risk documents | Opens a vendor security review area | Go to Documentation, open the document, then view comments |
Best Practices
- Be specific: When mentioning someone, provide enough context in your comment so they understand the request or information without needing extensive back-and-forth
- Mention relevant parties: Only mention team members who need to be informed or take action to avoid notification fatigue
- Check the original location: If you receive a mention email and the link doesn't open directly to comments, look for a comments icon or slideout panel on the page you land on
- Use mentions to communicate with your auditor: Tag your auditor directly in audit test comments to streamline communication and ensure quick turnarounds. This keeps all discussions centralized, creates a clear audit trail, and eliminates delays from missed messages or buried email threads
Frequently Asked Questions (FAQ)
I didn't receive a mention notification. What should I check?
- Verify your email notification settings in Secureframe and check your spam or junk folder. Also confirm the person who mentioned you selected your name from the dropdown. Simply typing your name without selecting it won't trigger a notification.
Why doesn't the email link take me directly to the comment?
- For some areas in Secureframe, the link takes you to the general page rather than opening the comments panel directly. See the "Partial Deep Link Support" table above for guidance on navigating to comments after clicking the link.
I clicked the link but can't find the comment. Where should I look?
- Check for slideout panels or modals that may contain comments.
Why can’t I mention certain users in audit comments?
Mention availability depends on both the module and the type of comment being used.
Audit Module → Auditor comments
You can mention Auditors, Admins, and Super Admins only.
Audit Module → Internal comments
You can mention internal users with an access role. Auditors and users without an access role cannot be mentioned.
Outside the Audit Module
Mentions are limited to internal users with an access role. Auditors cannot be mentioned outside of the Audit Module.
If a user does not appear in the mention dropdown, it means they cannot be mentioned in that specific comment type.
Comments
0 comments
Article is closed for comments.