Sastrify platform streamlines the setup, customization, and management of product stack compliance processes, making it easy to stay audit-ready while saving valuable time. 


With intuitive workflows, ready-made, pre-built templates, and customizable frameworks, you can quickly build compliance structures that are perfectly aligned with your specific needs.

IN THIS ARTICLE

Create and add a new framework



  1. Select Compliance in the navigation bar to access the Compliance Overview Dashboard.
  2. Click the "Add Framework" button located in the upper right corner of the page.
  3. Choose whether you want to use the ready-made templates (e.g., DORA or NIS2) or create your custom framework.
  4. Click Next.
  5. Enter the framework details: name, description, and deadline.
  6. Review the framework criteria.
    • If you choose a ready-to-use template, the Criticality Assessment form is preconfigured based on the actual framework selected, allowing you to get started quickly while still having the flexibility to add additional custom elements.
    • If you opt for a custom framework, you'll begin with a blank page where you can define unique requirements using the Sastrify Form Builder. (Refer to the next section for detailed instructions on using the Form Builder.)
  7. When you are ready, click "Create Framework" to complete the framework creation.
  8. To add another framework, repeat the process above. You can add as many frameworks as possible.



Once the framework is created, it is automatically applied to all products in your tool stack, ensuring comprehensive coverage across your compliance processes.


Build a custom framework


When you choose a custom framework, you start with a blank page where you can define unique requirements using the Sastrify Form Builder. Its intuitive drag-and-drop interface makes it easy to create tailored criticality assessments that align with your internal needs.


Add a form component


The builder offers a wide range of components, including basic fields like text, single-select, multi-select, email, URL, and date picker, as well as layout elements such as HTML blocks, panels, and columns. This flexibility allows you to create forms tailored to your specific compliance requirements.



To add a form component:

  1. Drag it from the left column to the blank area on the right side of the Form Builder.
  2. Set general attributes such as label, position, placeholder, description, and tooltip, and configure individual settings within the designated tabs.
  3. Use the Preview section to see real-time changes as you adjust settings.
  4. Click "Save" to finalize the component creation.


For a brief overview of each component and how it works, refer to this article.


The pre-built, ready-to-use templates are designed for quick setup while still offering full customization. You can easily add additional criteria or edit the existing ones to tailor the template to your specific needs.


Edit a form component


To edit a form component, hover over it, and a set of settings will appear (each component has its own settings). These settings allow you to:

  • Edit the component by changing its general attributes or configuring the individual settings within the designated tabs.

  • Move the component to a different location or reorder it.

  • Copy and paste to create another version of the component and place it in a different location.

  • Remove the component from the form.


Edit a framework or assessment criteria


WARNING! Editing existing fields may result in data loss. 
Modifying a field that already contains responses may cause existing data to be lost. To make changes without losing data, add a new desired field and delete the previous one when you're ready


You can edit any existing framework to quickly adapt to new regulations or internal policies. To adjust a framework after creation, follow these steps:

  1. Select the framework from the Compliance Overview Dashboard.

  2. Click the "Edit Assessment Criteria" button in the top right corner.

  3. Make the necessary changes to the framework details and/or criteria.

  4. Click "Save Changes" to confirm your updates.


Assign criticality level


The first step towards being audit-ready is to assign a criticality level to the existing SaaS products within your tool stack. Assigning criticality helps prioritize risks and focuses audit efforts on the most business-critical IT products in your organization. To assign criticality levels, start by selecting a framework and follow the steps outlined below.


Individually:

  1. Select a product in the list.

  2. You can also use the search bar or the "Not Assigned" bubble to filter for a certain product.
  3. Click the "Assign Criticality" button on the right side of the row.
  4. Define whether it is a critical vendor by selecting one of the 3 options: Critical, Non-Critical, or Not Applicable.
  5. Click "Save Changes".



When assessing the criticality level on an individual basis, you have the option to proceed directly to the assessment and begin answering the compliance questions right away.


In Bulk:

  1. Click the "Assign Criticality" button in the top banner.

  2. Select multiple vendors or products to assign status to by marking their check boxes.

  3. Choose a status to apply to the selected vendors by selecting one of the 3 options: Critical, Non-Critical, or Not Applicable.

  4. Click "Confirm".



Complete criticality assessment


The next step in ensuring full compliance for your organization and SaaS product usage is to complete the required assessments (e.g., DORA or NIS2) by answering the compliance questionnaire. To begin the assessment process, select a framework and follow the steps outlined below.

  1. Select a product in the list.
  2. You can also use the search bar or the status bubble to filter for specific products.
  3. Complete all the questions in the assessment.
  4. The progress bar at the bottom will show your progress and how many questions remain.
  5. Once finished, click "Complete." If you stop midway and want to save your progress, click "Save Changes".



Monitor progress and audit readiness


Use the Compliance Overview Dashboard to: 

  • Manage and track your compliance efforts across single or multiple frameworks. 
  • Monitor your overall completion rate and high-level progress, broken down by product criticality. 
  • Track progress or gaps in criticality assignment and assessment completion. 
  • Access each framework to dive deeper into the status at the individual product level and track the assessment progress for each one.



Frequently Asked Questions


Q: Can I add multiple frameworks and conduct multiple assessments simultaneously?

A: Yes! You can create as many frameworks as needed. All created frameworks will be displayed in your Compliance Overview Dashboard, where you can manage and initiate assessments—either one at a time or simultaneously.


Q: Can I customize a pre-built template (e.g., DORA or NIS2) by adding more questions or criteria?

A: Absolutely! While pre-built templates offer a quick setup, they remain fully customizable. You can add new criteria or modify existing ones to fit your specific needs. Simply use the Form Builder and drag your preferred component from the left column into the form area.


Q: Once a framework is created, do I need to manually add IT products and subscriptions?

A: No, once a framework is created, it automatically applies to all products in your tool stack, ensuring complete compliance coverage. Your tool stack will be incorporated within the framework without any manual efforts. However, it's essential to keep your tool stack updated for accurate compliance tracking.