Knowledge base
Everything you need to know about the functionalities of the PCT
General
Yes. In the reference matrix (under general) you can see which articles per standard are included in the texts. Of course, the standard in question must be included in your license.
A task is a control activity that must be carried out to maintain the management system. Tasks are recurring, which means they take place annually. The source of the recurring control tasks is recorded in the “Recurring Tasks” form.
In addition to recurring tasks, it is also possible to register one-time tasks using the “Actions” form. These tasks are not repeated annually.
A measure is an activity required to control and correct a finding and/or non-conformity. Measures can be preventive or corrective. Taking a measure is also necessary when current compliance with internal standards has not yet been achieved.
Measures originate from various forms.
The overview below visually shows which base forms include tasks and measures.
All tasks and measures are displayed in the “Tasks” overview. For each entry, the type of activity and its source are indicated.
When a form is completely filled out, it is called a registration. For each form, all registrations can be viewed under results.
Administrators have the ability to customize the house style. Click on “Organization” on the left side of the tree. Here you can customize the logo and main menu colors.
Note! These changes are visible to everyone within the organization.
With the professional license it is possible to customize the menu. This can be done by clicking ‘Edit menu’ below the menu.
The order in the menu can also be changed. Customizing the menu is only possible for administrators.
Click ‘Settings’ at the bottom left of the page. Under Personal Settings, you can choose whether to (de)activate keyboard shortcuts.
An administrator has the ability to set the layout of content in the PCT framework. This includes font types and sizes and adding a header and footer.
In your account, click on ‘Settings’ at the bottom left and then on ‘Templates’. After this, click on ‘Edit template styling’. Here the fonts can be adjusted.
Note: these changes are visible to everyone in the organization.
You can ask us a question or report a bug from within the PCT. Click on the question mark in the lower left corner next to ‘log out’. Here you can choose whether you want to send an e-mail, call us or check the FAQs.
Currently it is only possible for full users to report questions or bugs via the PCT.
The PCT has three types of licenses: Standard, Professional and Enterprise. You can learn more about the options on the licensing page.
The GDPR module provides a tool to support organizations in complying with the General Data Protection Regulation (GDPR). This module helps you effectively manage various aspects of data protection.
Key functionalities of the GDPR Module:
Policy Documentation: Records the organization’s policies for handling personal data, including internal guidelines and procedures.
Conducting DPIAs: Perform Data Protection Impact Assessments (DPIAs) to analyze risks, take appropriate measures, and proactively identify potential privacy risks in data processing activities.
Managing the Processing Register: Offers a clear and centralized overview of all data processing activities. Provides insights into which personal data is collected, how it is used, and with whom it is shared.
In addition to these features, the Professional version will soon provide access to detailed logs of registrations. With the standard license, you can see who made the last change to a registration, but not what was changed. The Professional license offers insight into the specific changes that have been made. See the example below.
If you click on the ‘eye’ in the upper left, you set the item to viewer mode. This means it becomes a logical, readable page. The links (the words shown in blue) allow you to go to another part of the PCT with one click. To return to the editable page, click on the ‘pencil’; the ‘eye’ then becomes visible again.
In the PCT, you can mark items from the PCT framework and forms as favorites. You do this by clicking on the favorite icon. All favorites can be found at the top right of the PCT.
For ISO 27001 certification, a statement of applicability (SOA) must be drawn up that makes clear which controls from Annex A of the ISO 27001 standard are declared applicable and which are not.
The declaration of applicability consists of several parts:
– Article
– Control measure
– Measure applicable
– Measure implemented
– If measure does not apply: reason for exclusion
– Documentation of the control measures
– The four principles by which the control measure applies:
1. Laws and regulations
2. Contractual obligation
3. Baseline
4. Risk analysis
During the execution of the risk analysis, measures are declared applicable, and it is indicated which measures are implemented (by ticking these control measures). In addition, measures may apply by law and regulation, contractual obligation or as a minimum baseline of the organization.
In the file library you will find a work instruction about the Risk Analysis and how it should be carried out. In the file library there is also a statement of applicability template. This must be filled out on the basis of the risk analysis completed in the PCT.
In the Risk Analysis, go to the ‘Control measures’ tab and then click on ‘Articles ISO 27001:2022’. 
Then the different subjects are shown. The corresponding controls are displayed when you click on the subject. In this way, it becomes clear which articles apply, and which do not (also recognizable by the different colors, green, grey or red).
For measures that do not apply, the explanation about why this control is not applicable should be filled in (see last column). 
In the template of the Statement of Applicability, it must be checked per standard article whether a control measure applies or not, has been implemented, and why this measure applies. The column “Risk analysis” must correspond to the results of the risk analysis, because ISO 27001 is risk-based for a reason. 
Good to know: It is possible to apply a filter to the Control Measures in the PCT.
– Not implemented (red)
– Not applicable (grey)
– Applicable and implemented (green)
