Skip to main content
Skip table of contents

Compliance Policies

What Is A Policy?

Dash Compliance Policies are administrative policies mapped to established compliance and regulatory standards and are built to help your team accomplish the following:

  • Meet administrative safeguard requirements for compliance standards including SOC 2 and HIPAA

  • Set realistic standard operating procedures (SOPs) for how your team manages compliance within your organization and the cloud.

  • Provide a guide for how your team manages compliance going forward.

  • Provide Dash ComplyOps application with info to better monitor your infrastructure (ie. detect specific encryption or user standards based on policy standards).

When getting starting with Dash, Compliance Policies are a great first place to start managing your security program and gaining an understanding of compliance standards and what is required from your organization.

Getting Started With Policies

The first time, your team enters the Policy Center and navigate to Policy Center > Policy Configuration, you will be prompted to select the security programs (policy sets) you would like to adopt.

  1. Select the Security Programs at the top of the page

    1. Click the “Create Policy Set” button

    2. You will be taken to the Initial Policy Questionnaire page:

  1. Answer the questions to the best of your ability, as they will help define further policy standards.

    1. You are be able to change these answers later.

    2. Context for each question is provided on the right when you select the question input.

    3. Go to the bottom of the page and click the “Save Button”

    4. You will be taken to the following Policy List page:

Creating Policies

The Policy Center provides teams with over 15 different compliance policies to build your security program. It is recommended that your team adopts all Dash policies. If your team has existing external policies, it is still recommended that your team answers and generates policies and then upload your custom policies.

Answering all policy questions helps to inform the Dash application of your company’s security program standards, and will enable Dash ComplyOps to monitor and use your security program settings across the Dash application.

Policies can be created in any order, but are typically most straightforward working top to bottom. To create policies, your team should take the following steps:

  1. Go to the Policy Center > Compliance Policies

  1. For each policy, click the “Start Policy” button.

    1. Any Initial Policy Questionnaire answers will be prefilled for the selected policy.

  1. Select the appropriate answer for all questions in the policy.

    1. Some questions will have dropdowns with recommended answers, others will require text from your team.

    2. Answers for questions are automatically saved, so your team can answer questions and come back to policies later.

    3. You will be unable to create a new version of the policy, without all questions being answered.

  2. After answering all questions, scroll to the bottom and click the “Go to Policy Document” button

    1. Dash will create version of this policy based on your answers and take you to the Policy Editor

    2. Changing answers for a policy and generating the policy again will create a newly versioned policy using your latest answers/changes.

  1. In the Policy Editor page provides the following navigation:

    1. Policy History/Versions - View a list of all policy saves/versions. Dash automatically saves policy versions periodically.

    2. View Policy - View the full policy version, complete with all variables and edited text.

      1. Policies can be exported as PDFs in this area as well.

    3. Save - Save changes to your current policy document.

  1. You can edit the administrative policy in the text editor:

    1. You can add or remove relevant segments to the policy

    2. Answers from policy questions are formatted as variables

      1. IE. Company Name = {{company_name}}

      2. Changing answers for a policy and saving policy again will update the variables using your latest answers/changes.

    3. Click the “Save” button to save changes.

    4. You can see the view the full policy by clicking the “View Policy” button.

  1. After creating and editing a policy, you. On this page you can take the following options:

    1. Edit Policy - Takes you back to the Policy Editor page.

    2. Share Policy - Copy the URL of this policy to share with another user of Dash.

    3. Export Policy - Download the Word document of the policy (with compliance annotations).

Updating Policies

Editing Answers & Policies

At any point after answering policy questions or editing policy text, you may make changes to policeis.

1. Navigate to to the policies list at Policy CenterCompliance Policies

2. Click the “Edit Policy” button next to the individual policy to edit.

3. The latest standards/answers of your current policy will be shown on the next page.

  1. You may modify or update any answers to your policy and then click the “Go to Policy Document” button.

    1. You will be taken to the Policy Editor with the latest version of your policy.

  1. You can make any edits to the policy text and save them by clicking the “Save” button

  2. After saving, you can view your latest policy by clicking the “View Policy” button

Exporting Policies

At any point, you can download Dash ComplyOps policies to share with clients, employees, etc.

  1. Navigate to Policy Center → Compliance Policies.

  2. For the policy you want to export → Click the “View Policy” button

  3. Click the “Export Policy” button in the top navigation

  1. Dash ComplyOps will generate a PDF and start downloading the file in your browser.

    1. The export function may take 10 seconds or so to generate the file.

    2. If you do not see the PDF download, check your browser search bar for any alerts or restricted downloads, and allow the site to download files.

Uploading Custom Policies

  1. Navigate to Policy Center → Compliance Policies

  1. Click the “View/Upload Legacy Polices” button at the top of the page

  1. In this page you can manage any legacy security policies, documents, and all other security materials.

    1. Click the “Upload Document” button.

    2. Enter a name for the document being uploaded.

    3. Select the document to upload with the “Click to upload” button.

    4. Click the “Upload” button

  1. You will now see the new file in the document list

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.