User Training
Welcome to CERRIX Training
What is CERRIX?
CERRIX is an integrated GRC (Governance, Risk, and Compliance) platform that helps your organisation manage risks, implement controls, and demonstrate compliance. Instead of working with scattered spreadsheets and disconnected systems, CERRIX brings everything together in one place.
This training will guide you through the core modules and show you how to use CERRIX effectively in your daily work.
📹 [VIDEO PLACEHOLDER: CERRIX Platform Overview - 2 minutes]
Quick tour of the CERRIX interface
Main navigation and workspace structure
How to access different modules
The CERRIX Approach
CERRIX follows a continuous improvement cycle that forms the foundation of effective risk management:
Risk → Control → Execution → Testing → Improvement
🖼️ [SCREENSHOT PLACEHOLDER: The GRC Cycle Diagram] Show visual representation of the complete cycle with arrows connecting each stage
Understanding this cycle helps you see how different parts of CERRIX work together:
Identify risks that could impact your organisation
Implement controls to manage those risks
Execute controls consistently and document the work
Test effectiveness to verify controls are working
Drive improvements when gaps or failures are discovered
Then the cycle repeats, with each iteration strengthening your risk management capability.
Core Modules Overview
Risks
Document what could go wrong, assess severity, and link to mitigation measures. Risks provide the foundation for everything else in CERRIX.
Controls
Define and document the measures that reduce or eliminate risks. Controls are your organisation's defence against risk materialisation.
Control Testing
Prove that controls are properly designed and actually working. Testing creates confidence and identifies areas needing improvement.
This module includes three components:
Design & Implementation (D&I) Testing – Verify controls are correctly configured
Control Execution – Document control operation and create audit trails
Effectiveness Testing – Confirm controls work as intended in practice
Measures of Improvement (MoIs)
Track actions that address gaps, findings, or failures. MoIs ensure that problems lead to solutions, not just reports.
Incidents
Register and investigate events when things go wrong. Incidents provide learning opportunities and trigger preventive actions.
Finding Reports
Document audit results, assessments, and required follow-up actions. Finding Reports create accountability for resolving issues.
Data Management
Manage data processing activities for GDPR compliance and privacy risk management. This module documents what data you process, why, and how you protect it.
How Modules Connect
CERRIX modules aren't separate tools – they work together to create a complete risk management system.
🖼️ [SCREENSHOT PLACEHOLDER: Module Integration Diagram] Visual showing connections: Risks ↔ Controls ↔ Testing ↔ MoIs, with Incidents and Audits feeding into the cycle
Risks link to Controls – Show which controls mitigate which risks
Controls link to Testing – Execution records feed into effectiveness testing
Test results link to MoIs – Failed tests trigger improvement actions
Incidents link to MoIs – Root causes lead to preventive measures
Audits link to everything – Finding Reports pull together risks, controls, test results, and required improvements
Data processing links to risks and controls – Privacy risks are managed like any other risk
These connections create traceability. You can follow a chain from initial risk identification through to final resolution, with evidence at every step.
Navigating the CERRIX Interface
📹 [VIDEO PLACEHOLDER: CERRIX Navigation Basics - 3 minutes]
Main navigation menu
Opening workspaces
Understanding the workspace layout
Switching between organisations
Main Navigation
The left-hand navigation menu provides access to all CERRIX modules. Click on any module name to open its workspace.
🖼️ [SCREENSHOT PLACEHOLDER: Main Navigation Menu] Annotate: Point to each module in the navigation (Risks, Controls, Testing, MoIs, Incidents, Finding Reports, Data Management)
Workspaces
Workspaces are your main views of data. Each module has a workspace showing all relevant items (risks, controls, incidents, etc.).
🖼️ [SCREENSHOT PLACEHOLDER: Example Workspace View] Annotate:
"List of items with key information"
"Filter and configuration buttons at top"
"Action buttons (add new, export, etc.)"
"Click any row to open details"
Every workspace includes:
A data table with rows for each item
Filter buttons at the top (advanced configuration, table configuration)
Action buttons like "add new risk" or "add new control"
Export options to download data
Opening an Item
Click on any row in a workspace to open that item's detail view. The detail view shows:
All fields and information for that item
Multiple tabs (e.g., Risk scoring, Linked controls)
History and audit trail
Related items and documents
🖼️ [SCREENSHOT PLACEHOLDER: Item Detail View] Annotate:
"Main information area"
"Tabs for different aspects"
"Save button"
"History tab for audit trail"
Key CERRIX Concepts
Workspaces
Workspaces are your main views of data. Each module has a workspace showing all relevant items (risks, controls, incidents, etc.) with filtering, sorting, and export capabilities.
Linking
CERRIX creates value through connections. Linking risks to controls, controls to tests, findings to improvements – these relationships make your GRC programme coherent rather than fragmented.
🖼️ [SCREENSHOT PLACEHOLDER: Link Panel Example] Show the "Link panel" interface used to connect items
Workflows
Many items in CERRIX follow defined workflows with status progressions. For example, an MoI moves from "Unconfirmed" to "In progress" to "Ready for acceptance" to "Closed". Workflows ensure structured processes and clear accountability.
Roles
Different people have different responsibilities:
Control Owners execute controls
Testers assess effectiveness
Reviewers validate results
Auditors provide independent oversight
Understanding your role helps you focus on relevant tasks.
Catalogues
Risk catalogues and control catalogues provide standardised definitions. Using catalogues ensures consistency across your organisation and makes reporting meaningful.
Business and Framework Dimensions
These connect GRC activities to business structures (departments, processes) and external standards (ISO, DORA, ISAE). Dimensions enable targeted reporting and demonstrate compliance.
🖼️ [SCREENSHOT PLACEHOLDER: Dimensions Selection Interface] Show how Business dimensions and Framework dimensions are selected when creating items
Filtering and Configuration (Used in All Workspaces)
Every workspace in CERRIX offers powerful filtering and configuration options. Learning these once helps you work efficiently everywhere.
📹 [VIDEO PLACEHOLDER: Workspace Filtering and Configuration - 4 minutes]
Opening advanced configuration
Applying filters to columns
Saving and managing presets
Setting a default preset
Applying Filters
Click advanced configuration to open the filter panel
Each column can be filtered individually
Select your filter criteria (equals, contains, date ranges, etc.)
Click apply configuration to refresh the view
🖼️ [SCREENSHOT PLACEHOLDER: Advanced Configuration Panel] Annotate:
"advanced configuration button"
"Filter options for each column"
"apply configuration button"
Customising Table Columns
Click table configuration
Select which columns to show or hide
This helps you focus on relevant information
Click apply configuration
Saving Presets
Presets save your filter and column settings for reuse:
Configure your filters and columns as desired
Click preset management
Enter a descriptive preset name
Click + to save the preset
🖼️ [SCREENSHOT PLACEHOLDER: Preset Management Interface] Annotate:
"preset management button"
"Name field for new preset"
"+ button to save"
"* button to set as default"
Setting a Default Preset
Open preset management
Select your preferred preset from the list
Click ***** (star icon) next to default preset
This preset will load automatically when you open the workspace
Managing Presets
To delete a preset:
Open preset management
Select the preset under manage presets
Click X to remove it
Common Tasks Across All Modules
Creating New Items
Most modules follow a similar pattern for creating new items:
Open the relevant workspace
Click the "add new" button (e.g., "add new risk", "add new control")
Fill in required fields
Link to related items if needed
Click save
🖼️ [SCREENSHOT PLACEHOLDER: Create New Item Form] Show a typical "add new" form with required fields marked
Linking Items Together
CERRIX uses a consistent linking interface across modules:
Open the item you want to link from
Navigate to the appropriate tab (e.g., "Linked controls", "Linked risks")
Click Link panel
Browse or search for items to link
Drag items into the linked area or click to select
Click save
🖼️ [SCREENSHOT PLACEHOLDER: Link Panel in Action] Annotate:
"Link panel button"
"Available items to link"
"Drag or click to select"
"save button"
Viewing History and Audit Trail
Every item in CERRIX maintains a complete history:
Open any item
Click the History tab
View all changes with timestamps and user names
See status progressions and field updates
This audit trail is essential for compliance and troubleshooting.
Using This Training
Each module in this training follows a consistent structure:
Introduction – Why this module matters and what it does
Workspace navigation – How to access and customise your view
Core tasks – Step-by-step instructions for common activities
Best practices – Guidance for high-quality data and effective use
Exercises – Hands-on practice to reinforce learning
Recommended Learning Path
For new users, work through modules in this sequence:
Risks (30 minutes) – Foundation concepts
Controls (30 minutes) – How risks are managed
Control Testing (45 minutes) – Proving effectiveness
Measures of Improvement (30 minutes) – Driving improvements
Incidents (20 minutes) – Learning from events
Finding Reports (20 minutes) – Audit management
Data Management (30 minutes) – Privacy compliance
For experienced GRC practitioners, you can jump directly to specific modules, but refer back to earlier sections for CERRIX-specific navigation and terminology.
Getting Started
Your CERRIX administrator has set up your access and permissions. You'll see modules and organisations relevant to your role.
Your First Steps
Log into CERRIX using your provided credentials or through Single Sign On (SSO)
Explore the navigation menu – Click through different modules to see what's available
Open a workspace – Try the Risk workspace first to see the layout
Apply a filter – Practice using advanced configuration
Open an item – Click on any row to see the detail view
Don't worry about changing data during exploration – you can always discard changes without saving.
Support and Questions
As you work through this training:
Try the exercises at the end of each module
Experiment in your training environment before working with live data
Ask your CERRIX administrator or super users for help with specific questions
Refer back to earlier modules when concepts build on previous material
If there are further questions on the application and/or trainings material, please do not hesitate to contact CERRIX Support.
Ready to begin? Let's start with the Risks module to understand how risk information is captured and managed in CERRIX.
Last updated