Adding A System

In this section, will cover how to add a system in the Compliance / Cyber section of the In A Box platform. This process is to be performed for each unique system that requires documentation.

Table of contents
  1. Add Systems
    1. Edit System
    2. Delete System
  2. Manage Context
    1. Step 1. Data Collection
    2. Step 2. Data Collected Review
    3. Step 3. Filtered Data Content Review
    4. Step 4. Clean Data Review.
  3. Conclusion

Add Systems

Similar to the Organization section, the System section is where users can define the systems that require documentation. Users will be creating a knowledge base of the systems that exist under the organization.

Navigate to the Compliance / Cyber section select the Systems & Packages and click on Add Systems button.

  • Fill in the details for the system - some of the fields are mandatory.
  • Click on ‘Add System’ to save the details.

After adding the system, users will see it listed on the Systems & Packages page. Users can add multiple systems.

Edit System

After a system is created, users can edit the system details by clicking on the Edit button under the Actions column.

Delete System

Users can delete a system by clicking on the Delete button under the Actions column for the respective system entry.

Manage Context

The Manage Context section is the main section where users are required to provide relevant information about the system. This information will be used to generate documents for the system. Relevant information includes files such as product one pager, cybersecurity architecture, existing assessments, NIST controls, traffic flow information etc.

Navigate to the Manage Context section and click on the upload button to be redirected to the first step of the Manage Context section.

Step 1. Data Collection

The data collection step is the first step in the Manage Context section. Users will be required to provide information about the system. Fill out the fields and follow the instructions to complete the data collection step. We describe this phase as the ability to consolidate all relevant unstructured data into one place.

The 5 fields in the data collection step are:

  1. Short Description
    • Provide a short description of the system.
  2. System Description Context (Put anything that is not in your documents below)
    • Provide any context that is not in the documents/datasets.
  3. System Security Context (Put anything that is not in your documents below)
    • Provide any security context that is not in the documents/datasets.
  4. Ingest training results from your Ask Sage datasets (optional)
    • Ingest training results from your Ask Sage dataset. If you use Ask Sage, you can select datasets that are relevant to the system.
  5. Drag and drop files here or click to browse.
    • Upload relevant files that are not in the datasets.

Once the data collection step is completed, click on the Next button to proceed to the next step.

Step 2. Data Collected Review

The data collected review step is the second step in the Manage Context section. All of the data/information provided in the data collected review step will be consolidated and displayed in this step. Followed by a prompt that is then used to prompt Ask Sage to review the data/information provided in this step.

The two fields in the data collected review step are:

  1. Aggregate Raw Data Collected
    • All the data/information provided in the data collection step will be consolidated and displayed in this field.
    • No action is required in this field.
  2. Prompt to execute
    • This field is automatically populated with a prompt, but can be edited by the user. However, it is recommended to keep the prompt as is if the user is not familiar with prompt engineering or reach out to the Ask Sage team for assistance. The purpose of this prompt is to tailor the provided content about your system.

Prefilled Prompt:

I am working on my cybersecurity compliance detailed documentation for requirements like CMMC, FedRAMP, GDPR, NIST, or other compliance standards and need to collect all the detailed information that can help write my personnel details, asset management, compliance documents, policies, and procedures. This includes, but is not limited to:

  1. Asset Inventory
  2. System Configuration
  3. Access Controls
  4. Incident Response
  5. Risk Assessment
  6. Security Awareness and Training
  7. Security Policies and Procedures
  8. Security Monitoring and Logging
  9. Physical Security
  10. Third-Party Management
  11. Compliance Documentation

Avoid summarizing the content or including introductory or conclusion paragraphs. Instead, extract all relevant information from the sentences provided, retaining the entire sentence if it contains any relevant information.

ACTION: Extract from this content:

Do not edit the prompt. Unless you are familiar with how the system works, it is recommended to keep the prompt as is.

Step 3. Filtered Data Content Review

On this step, the content was extracted and filtered by Ask Sage to remove unnecessary information, based on the information your provided and the prompt. Now a final review is required to remove any duplicated information in the context.

The two fields in the filtered data content review step are:

  1. Context Draft Response

    • The content extracted and filtered by Ask Sage will be displayed in this field. No action is required in this field.

  2. Prompt to execute

    • This field is automatically populated with a prompt, but can be edited by the user. However, it is recommended to keep the prompt as is because the objective at this stage is to remove any duplicated information in the context.

Prefilled Prompt:

You are Sage, an AI chatbot created by Ask Sage, Inc. You are helpful, very friendly, factual. Your logics and reasoning should be rigorous, intelligent and defensible. You are assisting me in removing duplicate information from this content. You must ensure that no information or details are lost in the process. Avoid summarizing the content or including introductory or conclusion paragraphs. Do not rephrase the content, keep the sentences as is, only remove duplicate information. It’s crucial that all information is preserved, with only duplicate data being removed from this content:

Step 4. Clean Data Review.

On this step, the content was reviewed and cleaned by Ask Sage to remove any duplicated information in the context. Now a final review is required by the user to ensure that the content is accurate, relevant and not missing any information.

This is the final step in the Manage Context section. Users will be required to review the content extracted and cleaned by Ask Sage. The content will be displayed in the Clean Data Review step. It is important to review the content and ensure that it is accurate, relevant, and not missing any information.

After reviewing the cleaned data response content, click on the Save button, which will save the context for the System.

Conclusion

Now that you have learned how to add a system, you can can navigate to Generate Package section. Remember to provide all relevant information about the system and ingest relevant files to train In A Box. This will help you generate documents that are relevant to the system. If you have any questions or need assistance, feel free to reach out to the Ask Sage team.

You can always go back edit details, update information and delete system as needed.

Now, let’s move on to the next section which is Generating Packages and Documents to generate documents.

Back to top

Copyright © 2024 Ask Sage Inc. All Rights Reserved.