Skip to main content

Tenacy: Understanding the Basics and Modules

Understand the fundamentals of the platform and the role of each module to manage your security measures, policies, risks, and achieve your compliance objectives.

Updated over 3 months ago

This article presents the overall structure of Tenacy and its main modules, to help you understand how they work together and how to use them to reach your security and compliance goals.

The Core of Tenacy: Security Measures

To stay compliant and protect your organization, you must implement security measures.

These measures allow you to:

  • meet the requirements of different policies, and

  • cover risks that could threaten your organization.

They can take different forms :

According to our experts, these measures are necessary to meet a policy requirement or to address a risk identified within your organization.

Measures already in place in your organization.

Even if these measures are not yet fully effective, it is important to start from what you already have and then improve them gradually.

Optimizing Implemented Measures

Even if a measure is already in place, it might not be performing at its full potential.

In Tenacy, you can:

  • Add an improvement action to indicate that an existing measure can be optimized.

  • Once the action is completed, the measure will be considered fully efficient.

Recurring Controls and Performance Indicators

To ensure that measures remain effective over time, Tenacy provides two types of follow-up:

  • Recurring tasks
    Periodic checks on the performance of the measure
    (e.g. verifying that all devices have the latest antivirus version)

  • Performance indicators
    Quantitative metrics measuring the performance of the measure
    (e.g. the percentage of devices with up-to-date antivirus)

The performance of a measure can be evaluated through one or more recurring tasks and/or performance indicators.

Measures you want to implement, but that are not yet in place.

Implementing Non-Implemented Measures

For measures not implemented, you start from scratch.

  • You must create an implementation action in Tenacy to begin setting up the measure.

  • It is also possible to add subtasks to plan and track each step of the implementation process.

The Different Modules of Tenacy

Tenacy is made up of several interconnected modules that allow you to manage all aspects of your cybersecurity and compliance activities.

📝 Evaluations

The Evaluations module allows you to create and manage assessment campaigns (declarations of compliance):

  • based on a questionnaire,

  • and/or linked to a security policy.

These campaigns allow you to collect information directly from the relevant teams, in order to evaluate their level of compliance in a declarative and centralized way within Tenacy.

📌 Action plans

The Action Plan module allows you to manage and organize:

  • improvement actions (to make your measures more effective),

  • implementation actions (to deploy new measures),

  • and simple actions, not linked to measures, to organize your teams’ work.

Each type of action can be assigned to a person or a responsible team, making follow-up and coordination easier.

📆 Recurring tasks

The Recurring Tasks module allows you to manage all your periodic control tasks:

  • set their frequency,

  • indicate whether the control has been performed or not,

  • and delegate these tasks to the relevant teams in your organization.

⚖️ Gaps

After your audits, you can use the Gaps module to manage your gaps or non-compliance:

  • link them directly to the requirements of the related policies,

  • and create corrective actions to address them.

📝 Exceptions

The Exceptions module allows you to manage your non-compliance requests:

  • they can also be directly linked to your policy requirements,

  • ensuring clear and justified tracking.

🚨 Incidents

With the Incidents module, Tenacy allows you to log, analyze, and address security incidents that occur in your organization.

💻 Project Security (add-on)

The Project Security module helps you track the integration of security requirements into your IT or business projects, to ensure that security is considered from the design stage.

🌍 Perimeters

The Perimeters module allows you to view the achievement level of your security objectives by perimeter, as well as the associated trust level.

This score is based on the average between the compliance score and the risk score.

📊 Benchmark

The Benchmark module allows you to compare your compliance scores on public policies with those of your peers.

You can also compare your scores on policies derived from public policies (e.g. an ISO 27002-based policy adapted for your organization).

This feature gives you a quick view of your positioning compared to other Tenacy clients.

📈 Dashboards

In the Dashboards module, you can:

  • create custom dashboards to track your indicators and metrics,

  • and manage your indicators and the metrics used to evaluate them.

🛡️Security Base

The Security Base module is the core of Tenacy.
It allows you to:

  • manage your security measures,

  • along with their related actions and controls,

  • and thus have an overall view of the status of your measures across the different policies and perimeters of your organization.

📚 Policies

The Policies module allows you to track your organization’s compliance with various security policies, whether public or private, and analyze your scores to identify gaps to be filled.

⚠️ Risks

The Risks module allows you to handle and track the risks identified and assessed in your organization (optionally selected from the public risk catalog).

You can also access the optional Risk Analysis module to enrich your evaluations.

Related Articles
Set up a control plan with Tenacy
Tenacy catalog
Manage risks on applications and providers
Discover the new Security base module — your new compliance journey
Understanding Reviews in Tenacy
Did this answer your question?