ACL May 2016 Product Pulse

Source:- ACL Blog

ACL-PulseNewsletter-header-v5The Product Pulse is ACL’s regular blog series on product & ecosystem updates.

In this Edition:

Bulk upload your controls into Project Manager, how to audit your Active Directory in 15 minutes (or more. Probably more), de-duplicating your continuous monitoring efforts in Results Manager, and a new training partnership with MIS Training Institute (MISTI).

Bulk upload all the controls to ACL GRC

Remember in college how you were expected to help someone move for a few slices of pizza and a case of beer? Yeah, I’m glad that those days are behind me too—except when you realize that moving to a new GRC system is even harder than pivoting a couch on a spiral staircase.

With the bulk uploader, moving to ACL GRC didn’t become painless, but it did get a lot less painful. More like, moving a loveseat up a nice wide staircase, with Dwayne Johnson. Here’s how you use it:

  1. Add your risks and controls to an Excel spreadsheet (there’s a template available if you’re unsure of the format)
  2. Set up your ACL GRC project and processes
  3. Use the bulk uploader to populate your content
  4. Re-associate your risks and controls
  5. Revel in delight


PROTIP: You can use ACL Analytics to extract from your existing application system and clean-up your risks and controls for step 1 above. You can be fully migrated in 10 minutes! (Well, not really, but you get the idea).

All your Active Directory can belong to you with ScriptHub

Did you know that we have TWO scripts in ScriptHub for extracting data directly from your Active Directory? Once you run the script, you get a nice and neat table with user names and other nicknacks so that you can perform testing like:

  • Whether or not password expiry controls are being enforced properly
  • Whether or not terminated employees are being promptly deactivated from Active Directory (bump the list against your HR database)
  • Whether or not terminated employees are being promptly removed from critical business applications (bump the list against a dump of application users)
  • What time that cute guy in Accounting last logged on, and what Active Directory groups he belongs to 😉

The first script is “Domain User Listing – NETUSER”  The nice thing about this script is that you don’t need anything other than the right privileges to run it. Download, and run. The not so nice thing is that it can be slow.

The other script is “Domain User Listing – CSVDE” You’ll need CSVDE.exe application which is typically installed on Windows Server operating systems (but you may need to additionally install Remote Server Administration Tools or RSAT).

PROTIP: You can use visualizations to visualize last logon dates vs. password last set dates to look for outliers, like this:


Do away with duplicated results using Results Manager’s new de-duplifier

So, everyone uses ACL for finding duplicates, but then once you’ve found those duplicates, you don’t want to duplicate your duplicates the next time you look for duplicates, otherwise you’ll duplicate your effort looking at the duplicates again. Now, Results Manager automatically de-duplicates your duplicates. Duplicated duplicates? No more!



Now you can define a unique identifier key for your Results Manager exceptions, (e.g. a purchase card transaction id, invoice id, or user id) and the next time you publish a record to results with the same identifier, it updates the existing record with information with the newly published record. COOL! Learn more about defining unique keys in your Results Manager in the help docs.

Other stuff we gone and did
  • In Project Manager, the experience of linking risks and controls got streamlined, and the status indicators had their logic tweaked
  • In Results Manager, you can close Surveys and Event reports
  • In Inspirations, new Zapper Fraud category to catch tax evaders
  • In, a refreshed landing page that’s easier to navigate
Friday, May 6, 2016 In: Hot Topics Comments (None)