Security Engagement Portal

Process Documentation & User Guide

Version 1.0 | Last Updated: October 2025 | Next Review: Quarterly

System Overview

User Roles & Permissions

Request Lifecycle

Email Notifications

System Overview

The Security Engagement Portal is a comprehensive request management system designed to streamline security-related requests across three core departments: Governance, Risk & Compliance (GRC),Security Architecture, and Cyber Security Operations.

Key Features

Centralized Request Management - Single portal for all security requests
Automated Email Notifications - Real-time updates to requestors and teams
SLA Tracking - Automated due date calculation based on service catalog
Role-based Dashboards - Tailored views for requestors, team members, and administrators
Analytics & Reporting - Comprehensive insights into request patterns and performance
Activity Tracking - Complete audit trail for all request activities

Supported Request Types

Department	Request Types	Typical SLA
GRC	Risk Assessment, Compliance Review, Policy Exception	24-72 hours
Security Architecture	Architecture Review, Threat Modeling, Security Standards	96-168 hours
Cyber Security Ops	Incident Response, Vulnerability Assessment, Security Monitoring	4-72 hours

User Roles & Permissions

1. Requestor (Standard User)

Submit new security requests
View own requests and their status
Receive email notifications
Add comments to own requests
Upload attachments

2. Security Team Member

View requests assigned to their department
Update request status
Assign requests to team members
Add internal comments and notes
Access team dashboard with workload overview

3. Administrator

Full system access across all departments
Manage team members and assignments
Access comprehensive analytics
Configure service catalog and SLA settings
Override assignments and priorities

Request Lifecycle

Submission

User accesses Security Portal
Completes submission form with title, description, department, type, priority
System validates required fields and calculates SLA due date
Request stored with status "Submitted"

Notification

Confirmation email sent to requestor with request details and ID
Alert email sent to all active security team members in relevant department
"Request submitted" activity recorded in audit log

Assignment & Processing

Security team reviews new requests in dashboard
Team lead or admin assigns request to specific team member
Status progresses: Submitted → In Progress → Under Review → Completed/Cancelled
Comments and updates shared between requestor and team

Resolution

Final deliverables provided and status updated to "Completed"
Closure notification email sent to requestor with resolution details
Performance metrics captured for analytics and reporting

Email Notification Process

Automatic Triggers

Event	Recipients	Email Type
Request Submitted	Requestor + Security Team	Confirmation + Alert
Status Changed	Requestor + Assigned Member	Update Notification
Assignment Made	Requestor + New Assignee	Assignment Alert
Request Completed	Requestor + Team	Completion Notice

Email Content Structure

Requestor Emails

Request ID for tracking
Current status and next steps
Contact information for follow-up

Security Team Emails

Complete request details and context
Direct links to portal for action
Requestor contact information

For questions about this documentation or the Security Portal system, contact the Security Team

Contact: TeamCyberSecurity

Security Engagement Portal

Table of Contents

System Overview

Key Features

Supported Request Types

User Roles & Permissions

1. Requestor (Standard User)

2. Security Team Member

3. Administrator

Request Lifecycle

Submission

Notification

Assignment & Processing

Resolution

Email Notification Process

Automatic Triggers

Email Content Structure

Requestor Emails

Security Team Emails