-
Intro
-
General Guidance
-
Tasks
-
Compliance
-
Controls
-
Meta Model
-
Administration
General Guidance
Navigation
Role-Specific Access and Visibility
Access for All Roles
- Universal Navigation: Navigation in vucavoid is available to users of all roles.
- Role-Based Navigation Elements: Specific navigation elements vary based on the roles assigned to the user.
Types of Navigations
vucavoid is using a intuitive UI setup. In doing so, there are multiple menus for any user to make use of:
- Sidebar navigation: The main navigation providing access to the main features of vucavoid, ranging from The Hub, over VUCA Score, to risk, control, incident management and more.
- Tenant navigation: Also part of the sidebar, directly above the main navigation. Dropdown menu that provides access to all options for tenant management (based on user roles).
- User navigation: Dropdown menu that provides access to all user account features from profile information to personal blueprints.
- Spotlight navigation: By pressing CTRL + K (Windows) or CMD + K (MacOS) users can summon the smart navigation that opens an overlay to navigate by mouse, keyboard or by searching for the page they are looking for.
- Lanugage navgation: Dropdown menu to switch between languages, placed in the top bar of the application.
All menus are available to all users. Please note, that the extent to which options are available per navigation menu may differ significantly based on roles assigned to users.
Sidebar Navigation
The main navigation is providing access to virtually all major feaures of vucavoid.
It is divded into four main sections, each containing pages assigned to the respective section.
First section
This section has no dedicated headline/title.
It entails the following links:
- Onboarding: Only visible until the user account finished its role-specific onboarding. If role assignments are chnaged, the page will appear again - for new role-specific parts of the onboarding.
- The Hub: The user's starting page to vucavoid, holding role-specific information. The Hub, as indicated by its name, can be used to reach the majority of relevant pages for the roles assigned to the user - or to directly interact with the entities in access.
- Tasks: Individual task management for the user account.
- VUCA score: Access to a core feauture of vucavoid, the VUCA score for the active tenant (role dependent).
As noted above, the visibility of features/navigation items might differ significantly between users based on the assigned roles. For showcasing this, the following screenshots show two different setups:
- Sidebar navigaton for an user with the role "Tenant admin" (highest role within a tenant).
- Sidbear navigation for an user with the only role as "Meta Model Manager"
Please note, the navigation item "User Management" is visible to every user, though all users without privileged roles can only see their own user and have access to a very limimted set of functions.
Second section
The second section has the title "Compliance Management", indicating access to all main features of compliance management - except for control management which has a spearate section, see below.
It entails the following links:
- Requirements: Access to the requirements management for the tenant (incl. references, both role dependent).
- Threats: The tenant's threat management, cyber threats based on MITRE ATT&CK (role dependent).
- Findings: Management of all identified findings for the tenant's organization/compliance management (role dependent).
- Risks: Risk management for all identified risks for the tenant's organization/compliance management (role dependent).
- Incidents: Management and documentation of incidents as well as the incident response handling (~war rooming, all role dependent).
- Challenges: Challenge management, providing access to tenant-internal assessments of requirements as well as MITRE ATT&CK based cyber threats - modeled individually for the tenant's organization (role dependent).
Third section
The third section has the title "Control Management", indicating access to all main features of control management.
It entails the following links:
- Controls: Management for all controls with relevant to the tenant organization's compliance management (role dependent).
- Control Objectives: Access to the management of all control objectives, also access to all controls linked to the respective control objectives (role dependent).
Fourth section
The fourth section has the title "Meta Model", indicating access to meta modeling in vucavoid.
It entails the following links:
- Capabilities: Access to the capability management in the context of meta modeling in vucavoid (role dependent).
-
Objects: Access to the object management in the context of meta modeling in vucavoid (role dependent).
- Legal Entities: Management of the object type "Legal Entities".
- Locations: Management of the object type "Locations".
- Processes: Management of the object type "Processes".
- Products: Management of the object type "Products".
- Third Parties: Management of the object type "Third Parties".
- People: Management of the object type "People".
- Teams: Management of the object type "Teams".
- IT Assets: Management of the object type "IT Assets".
- Phyiscal Assets: Management of the object type "Phyiscal Assets".
- Information Assets: Management of the object type "Information Assets".
Fifth section
The fifth section has the title "Administration", providing access to major parts of the tenant adminstration.
It entails the following links:
- Tenant Settings: Access to the capability management in the context of meta modeling in vucavoid (role dependent).
- User Management: Access to the user management of the tenant. Even though every user has the link in its sidebar navigation, only privileged users can see more than the own account (role dependent).
- Structures: Acess to the management of structutal charateristics of the compliance management in the tenant, like standards, categories, assurances and domains (role dependent).
Tenant Navigation
Directly above the main sidebar navigation, users can acess their tenant navigation.
To access the menu, the user needs to click on the logo of the active tenant. Please note, if the tenant did not set a logo image in the tenant settings, the (automatically created) initials of the the tenant's name will be shown and need to be clicked.
This menu is dependant on the user account and its role in the active tenant.
Generally, users can manage their currently active tenant, if they have been assigned the role of tenant admin. If so, users can manage the settings of their active tenant, manage the tenant's subscription and switch between all tenants their account has been invited to.
If an user account is invited to exactly one tenant and is not assigned tenant admin rights, this user can only use the tenant navigation to sign out from vucavoid.
In its full capacity, the menu entails the following links
- Manage subscription: Access to the Paddle-interfacing subscription management for the active tenant - update and/or cancel subscription plans for the active tenant (role dependent).
- Settings: Access to the tenant settings for the active tenant (role dependent).
- Sign out: Sign out from vucavoid and end the current session.
- List of tenants: Possibility to switch between different tenants in vucavoid (user account dependent).
User Navigation
To access the personal settings and data of each user account, the user navigation is a dropdown menu that is activated by clicking on the avatar of the current user. Please note, if the user did not set an avatar image in the personal settings, the (automatically created) initials of the the user's first and last name will be shown and need to be clicked.
The user navigation is entailing the following links:
- Personal settings: Management of the user account's personal settings.
- Personal blueprints: Access to define and manage user account owned blueprints.
- Onboarding: Access to the role-specific onboarding. This link remains active even if the onboarding has been fully passed - can be revisited anytime.
- Sign out: Sign out from vucavoid and ending the current session.
Additionally, the user can set the preferred system theme, switching between light mode (sun symbol), dark mode (crescent symbol) or system mode (display symbol). Also, the spotlight navigation can be used to switch between these modes (toggle between light and dark mode). For further information on the spotlight navigation, please see below.
Spotlight Navigation
The main navigation is providing access to virtually all major feaures of vucavoid, using a very convenient way.
To summon the spotlight navigation, Windows users need to press CTRL + K simultaneously, MacOS users press CMD + K at the same time. Once pressed, an overlay opens up which allows the user to control the navigation of vucavoid via mouse cursor, arrow buttons on the keyboard or by simply searching for what they would like to find.
When the overlay opens, the search field on top is directly activated.
Navigation is possible by using the up ⬆️ and down ⬇️ keys on the keyboard to select the preferred navigation point. By pressing ENTER spotlight will dive one layer deeper into the navigation. When pressing ESC, spotlight will increase the navigation level by one. If spotlight is on the top level, pressing ESC will close spotlight. Spotlight can also be closed by clicking outside the overlay with the mouse cursor; depending on the navigation layer it might require multiple clicks, as each click increases the navigation level by one mimicing the behavior of ESC.
Primarily, Spotlight allows the user to browse all (role-accessible) compliance management features as available in all other navigations. This also includes browsing all entity types and selecting single entites from them.
Once a specific navigation point has been activated, the user can use the search field to search for a specific entity using Spotlight. Once found, the user can go deeper one level, selecting the entity, by pressing ENTER or by clicking with the mouse cursor on it. Depending on the entity-specific access for the active user (and the entity status at the given time), the entity can be viewed, edited or deleted.
Please note, Spotlight does not allow to bypass access rights/ roles but only shows those entries thatare available to the active user.
As a side note, Spotlight also allows to control the UI as the user navigation does, toggling the sidebar and the theme (dark and light mode in alternating toggle).
For a more comprehensive understanding, the following video shows an exemplary utilization of our Spotlight navigation.
vucavoid navigation: Spotlight navigation within vucavoid (demo data).
Language Navigation
To offer multiple lanugages for the application interface of vucavoid, every user can choose a language that suite his/her needs to most.
Please mind that the main lanugage of vucavoid is English. Support for other languages gradually increased.
The selected language is visible by the flag symbol in the round button in the top bar, next to the notifications button (bell icon).
Minimizing and Expanding the Sidebar
Outside of the Spotlight navigation (see above), the user can also expand and collaspe (minimize) the sidebar by using the chevron symbol (aligned to the left when expanded) to collapse the sidebar. This feature can especially advantageous when an user wants to specifically concentrate on specific data, not be distracted or needs more horizontal space on screen to read data (e. g. in a multi-window setup on one screen).
Breadcrumb Navigation
For orientation but also for easier navigation, every page that has more than one level provides the user a breadcrumb navigation that is displayed above the main content of the page.
Plase note, as a basic rule, vucavoid tries to avoid nested flows, i. e. avoiding a more than 3-level data structure/flow.