With information handling and distribution becoming more and more sensitive, the information security team is crucial in building a structured process to ensure quick response and safe operations. Whether it is staying compliant or requesting the right security information, the agents have to stay on top of employee requests.
Here’s how you can set up your Infosec service desk to get started:
Setting up email support:
Using a shared email inbox to handle requests can be cluttering and inefficient. With Freshservice, you can efficiently receive service requests as tickets and assign them to the right agent or a group. You can start by setting up your support email to send all the requests handled by your department and their associated notifications through this email id. If your department has a separate email for each group, like firstname.lastname@example.org, email@example.com, firstname.lastname@example.org, and so on, you can add each one of them separately.
You can choose to assign all the incoming emails to a specific group or use workflow automators to assign them to groups/agents based on certain conditions such as agent expertise, nature of the request, priority, and more.
Manage service requests with a unified catalog:
Deep dive on user requirements to create an intuitive yet extensive self-service portal that can be used to raise requests. The unified service catalog can streamline request management and close the loop by setting up service request fulfilment teams that can vary across risk, compliance, security, etc. Refer to this link to set up your InfoSec service request items in no time.
Admins can also automate the approval process with the workflow automator before the ticket gets assigned to the agent group to work on. On successful approvals, the ticket can be assigned to the agent group.
Database of policies and knowledge articles:
Ensuring security needs timely communication of plans, change in policies, and updates to existing policies. Create FAQs and policies for commonly asked questions like understanding information security policies, privacy management, requirements for technology landscape, adherence to compliance frameworks, threat mitigation, etc., to enhance self-service adoption and deflect tickets.
Customize ticket details for capturing relevant information:
Show your agents only those fields relevant to infosec and not any other function. By adding fields that are specific to your group (Admin>Form Fields>Ticket Fields) and making them visible only when tickets or service requests meant for infosec teams are created (via ‘Business Rules for Forms’), you can design a ticket details page view that makes sense to your team and doesn’t confuse them.
Create custom SLAs to control service efficiency:
To respond to time-sensitive tickets and rightly prioritize high-risk tickets, you set expectations for agents as well as employees by defining standards for how soon your agents should respond to requestors and resolve their problems. You can set up ticket or group-specific Service Level Agreements (SLAs) and stay on top of any SLA violations by notifying the right stakeholders. You can also add your Business (Working) Hours and apply SLAs based on that.
Automate workflows to trigger approvals and tasks:
Configure a workflow in the workflow automator to automate routine tasks such as assigning requests and automating approvals. An employee request to access confidential documents might need approvals from the manager and the department head before providing access. Any ticket that contains a request for confidential information can be automated for assignment and approval using the workflow automator.
Monitor projects and track timelines:
Critical projects such as annual audits or inspections are repetitive in nature and might contain a series of tasks mapped to different stakeholders across the organization. With the project management module, you can seamlessly define timelines and collaborate efficiently.
Reach out to us at Freshservice support for further help or queries.