The Issue Management module will allow the management of findings generation, remediation tasks, and generating exception requests related to any issues that are found in the course of investigating a security incident or responding to a data breach.

•             Findings Application – In our deployment, this application will be used to generate findings from incidents and breaches for further review and action by the AMOS, OE, and business owners of systems involved in an incident or breach.

The Findings application allows you to document and track all of the individual issues that must be resolved in order to close an incident or breach. You can resolve a finding through either a remediation plan or exception request.

•             Findings workflow is built out based on requirements from other solutions and the Allianz team. Further customization of the findings workflow is out of scope for this deployment

•             Exception Requests Application– Referenced by SecOps solutions but out of scope for customization as part of this deployment.

The Exception Requests application allows you to manage the process of granting denying, and expiring exceptions to the remediation required in a Finding. Through the built-in workflow, the application enables you to ensure that all exceptions are properly reviewed. You can also report on exceptions across the enterprise, monitoring them by control, department, or severity, to visualize the impact of exceptions on the business and its compliance posture.

•             Remediation Plans Application – Referenced by SecOps solutions but will be customized for Allianz to align with AMOS IT and OE requirements.

The Remediation Plans application allows you to centrally manage multiple findings and track actual and estimated remediation costs and timeframes. Relating multiple findings in the context of remediation plans allows you to identify larger issues and support informed decision-making.