Copla Platform Main Functions Guide

Topics covered on this page:

Main Bar
Home
Copla Stream
Cyber Security
Audit Room
Copla Drive
Dynamic Registers

Main Bar

Here you can:

1. See your company name

2. Change the language of the interface

3. Change UI theme to dark or light

4. See Notifications Center (if you allowed notifications).

In case you need to reset the Notification function, click on URL settings and Reset Permissions button.

5. See your profile details

6. Logout.

Home

Sidebar Home → Dashboard

The Main Dashboard provides a centralized overview of your organization’s progress within the Copla Platform. It displays key information related to:

Framework progress – your overall completion status across assigned frameworks,
Security coverage – visibility into how well your security requirements are implemented and supported,
Tasks – all tasks assigned to you based on your organization’s selected and active frameworks. By default, tasks are filtered by High Priority.

The dashboard helps you to quickly understand your current compliance posture, identify gaps, and monitor overall progress.

Framework Filter & Select Cycle History

Framework compliance in Copla is tracked in cycles. A cycle represents a specific time period during which framework tasks and requirements are evaluated (for example, quarterly or annually).

The Select Cycle History filter allows you to view results from a specific cycle period. This means you can review the status and progress of tasks as they were during that particular timeframe.

This is useful when you want to:

Review progress from a previous compliance cycle
Compare results between different reporting periods
Prepare information for audits or internal reviews

The “Select Cycle History” option is configured on the backend by our team, according to your agreed requirements and setup. If you need any changes to the cycle configuration, please contact our support team or CISO.

Compliance Coverage

This is a radar chart outlining all requirement groups assigned to your company based on framework setup.

The blue line represents the target level to achieve,
The green line indicates your company’s current progress,
The percentage below the chart indicates the progress your company has made with Copla.

Activity

This displays the weekly activity of company users. A user is considered active if they log in to the Copla Platform or complete at least one question from a launched workflow during the week.

Maximum weekly activity is calculated based on one interaction per user per workday. With a standard 5-day workweek, each user can earn up to 5 activity points per week, so for example, with 3 users, the maximum possible weekly activity score is 15 points.

Frameworks in Progress

This displays the Frameworks assigned to your company and your current execution level for each.

If a control has any task with an action under it (e.g., evidence added and pending approval/denial, approved evidence, or declined evidence), the control is marked as “ongoing” and is included in the execution percentage calculation.

Task Status

Approved / Finished – when the CISO reviews the Evidence provided by the client and approves it, the task status automatically changes to Done,
In Progress – when the first piece of Evidence is submitted by the client. The Evidence status becomes In Progress, and the related Task, Control, Requirement, and Framework statuses are also set to In Progress. This indicates that action is required from the CISO,
Declined – if the CISO reviews the submitted Evidence and determines it is insufficient, they can mark it as Declined. The Task, Control, and Requirement statuses then revert to In Progress, indicating that further action from Client is needed,
Not Started – when no Evidence has been submitted. In this case, the Task, Control, and Requirement are automatically marked as Not Started.

Framework Requirments

Each Framework consists of 4 Requirements, each contributing 25% to the total framework execution. Each Requirement contains multiple Controls, which contribute proportionally to the Requirement’s Execution level based on their completion status. Each Control can be either In Progress or Finished, depending on the status of the Task assigned to it. Each Task can be marked as Not Started, In Progress, Finished. Task status is determined by the status of the Evidence linked to it. Each piece of Evidence can be:

Not Started – no evidence submitted,
In Progress – evidence submitted and under review,
Approved – evidence reviewed and accepted by the CISO,
Declined – Evidence reviewed and rejected by the CISO.

Each piece of evidence is manually reviewed and either approved or declined by the CISO.

Sidebar Home → Company Details

In this section, you can view your Company Details that were provided to Copla during the onboarding process. You will also see the assigned frameworks (Packages) that are currently active for your organization.

Reminders

This section is still under development and may not yet be fully functional.

Chatbot Integration (Slack / Teams)

This section indicates whether your organization is connected to our chatbot via Slack or Microsoft Teams. Please note that this setting should not be edited. Additionally, this integration is currently being deprecated and replaced through Copla Stream function.

Framework Cycles

Based on your assigned frameworks, you will also see the configured framework cycles. These cycles define the target period for framework achievement (for example annual or quarterly). For proper cycle configuration and alignment with your compliance goals, please reach us through support@copla.com or your assigned CISO.

Sidebar Home → Users

This page displays all users from your company who are registered on Copla Platform. You can also add new users here, if needed. More details about how to do so are here

User Information Fields

User Name – full name of the user,
Technical System Position – defines the user’s role in the system, particularly for workflow launches. This is managed by Copla system configuration,
Internal Job Title – user’s internal position within your company (optional),
User Email – user’s registered email address,
Activity Status – indicates whether the user is Active or Deactivated in the system.

Copla Stream

Sidebar → Copla Stream

Copla Stream is the platform workspace where you complete technical workflows and training assignments launched for you in Copla.

It allows you to answer workflow questions, track progress, and review completed activities in one place. Workflows are organized into Compliance (technical framework-related workflows) and Trainings (training sessions).

You can start, pause, and resume workflows anytime, while tracking their status under To Do, In Progress, or Completed.

More details here.

Cyber Security

Sidebar → Cyber Security → Frameworks

There are two ways to access your assigned Framework:

1. Dashboard - Framework

The Framework section consists of a list of Requirements, each requirement shows the required Controls represented by color-coded squares:

Green – Control is completed. All associated tasks are marked as Done,
Orange – Control is in progress. Some tasks may be Done, but at least one is still In Progress,
White – Control is not started. All associated Tasks lack submitted Evidence and are Not Started.

2. Sidebar - Cyber Security - Frameworks

On this Framework Overview page all requirements are organized by category. For a quick snapshot, view the radar chart of these categories in the Security Coverage section of the Main Dashboard.

You can click on each requirement to see the controls assigned to it. Each requirement will display its own execution level, helping you identify, which ones need attention and which may already be completed.

Cycle history & Ongoing Cycle indicates the period (annual, quarterly) that this Framework is applicable to. Please note that cycles need to be configured by Copla).

Sidebar → Cyber Security → Requirements

In the Requirements tab, all requirements are displayed together - grouped by category rather than by their parent frameworks:

For each requirement, you’ll see a list of its associated controls and and indication whether they are complete. Within every control, tasks are organized by status. For your convenience there is a “New Evidence” button right beside them.

Click any control to expand and view its tasks. Then, click a task to open its page, where you can review existing evidence or upload new files and comments. This streamlined flow ensures you always know exactly which controls and tasks still need attention.

Sidebar → Cyber Security → Controls

Click the Controls tab to view every control and its current status, so you can quickly spot what’s complete and where your attention is needed.

Click any control’s name to open its detail page, where you’ll find all tasks tied to that control along with their individual statuses.

Sidebar → Cyber Security → Tasks

This section displays Tasks assigned to your company grouped by relevant frameworks. Tasks are organized and can be sorted by severity level. They are also categorized:

Not Started – no proof or Evidence has been submitted. This indicates that the Task has not yet been addressed by your Company,
In Progress – evidence has been submitted by one or more users from your company and is pending review by Copla’s CISO,
Done – CISO has reviewed and confirmed the submitted Evidence, verifying that the Task has been completed by your Company.

You can also add evidence directly from this view. If you click on the name of any Task you will be directed to the Task’s page, where you can review or upload all associated Evidence.

Audit Room

Sidebar → Audit Room → Incident Register List

Log and manage all company incidents. This page provides a full history of incidents, making it easy to include them in reports or share with auditors when needed.

Please note that an incident is any event that:

affected or could have affected the availability, confidentiality, or integrity of systems,
is related to security breaches, unauthorized access, or data leakage,
caused or could have caused a service disruption,
is related to suppliers (third parties), infrastructure, or human error.

An incident must be reported even if it appears minor, was resolved quickly, or is not yet confirmed. The assessment of whether an incident is considered significant (major) is performed after registration. This process is essential for:

compliance with DORA requirements,
proper incident analysis and lessons learned,
potential notification of supervisory authorities (if required).

If you are unsure whether a specific event should be reported, ask CISO for advice.

Sidebar → Audit Room → Cyber Copilot Answers

View all user-submitted answers to workflows, along with additional details.

If a user does not have permission to view company-wide data, they will only see their own responses here. More details here.

Sidebar → Audit Room → Evidence

Review all evidence submitted for your Company’s tasks. This section includes detailed information and plays a key role during audits, as it links directly to each control. More details here.

Sidebar → Audit Room → Trainings Statistics

The Trainings’ Statistics page provides an overview of all trainings that have been launched to your Company’s Copla Platform users.

In this section, you can:

see, which trainings have been assigned to users,
monitor the current status of each training (e.g., not started, in progress, completed),
analyse overall training progress across your organization.

This page helps administrators track participation, monitor completion rates, and ensure compliance with training requirements. More details here.

Copla Drive

Sidebar → Copla Drive

Copla Drive allows you to upload and store your company documents directly within the platform, ensuring everything is kept in one centralized location.

Here you can:

Upload and manage your organization’s internal compliance documents,
Access global-level folders shared with your organization,
View Copla-provided framework documentation, templates, and supporting materials.

This ensures that all compliance-related documentation is structured and easily accessible in one place.

Copla Drive is the designated location where all compliance documentation should be stored to ensure proper task linkage and future automation capabilities.