How to use Azure DevOps Boards as evidence in Trustero
The Azure Boards receptor allows you to attach Azure Boards work items as evidence to controls you select. The work items are determined by an Azure Boards Query. To get Azure Boards work item evidence onto a control, simply create a query in Azure Boards to select the relevant work items and then map the query to the controls.
Best Practices
- Relevant: Select Azure Boards work items that are relevant to the particular control you want to link them to. Adding unnecessary Azure Boards work items to a control will make interacting with and evaluating it slower.
- Time-bound: Consider limiting the Azure Boards query to the relevant time frame of a given audit. For example, there is no need to return all Azure Boards work items when just retrieving those created since the beginning of an audit will suffice.
- Classified: Use labels, projects, areas, or other fields to organize Azure Boards work items. This makes it easier to retrieve the relevant Azure Boards work items for controls by filtering for a given value in a specific field.
Example Scenario
For example, take a control for user access requests:
IAM02 User Access Authorized by Management
Access rights are properly assigned and approved by management based on job title and responsibilities.
This control requires a list of user access request work items as evidence. These could be tracked as work items in Azure Boards. To provide evidence for the control, simply create a query that selects the relevant work items in Azure Boards and associate it with the IAM02 control in the Trustero Azure Boards Receptor.
- Create a Query in Azure Boards
  - Navigate to Azure Boards.
  - Select Boards from the left navigation panel.
  - Click on Queries.
  - Click New Query.
  - Configure the query with the desired filters, such as work item type, project, tags, and created date, to identify the relevant work items to be imported as evidence.
  - Save the query and give it a meaningful name.
  - Share the query with the necessary users or teams if required.
- Map control(s) to query(s) in the Azure Boards receptor configuration (for example, IAM02 mapped to the query created above)
- Evidence is automatically added to the control(s)
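The filters named in the query step (work item type, project, tags, created date) can be written in WIQL, the query language behind Azure Boards work item queries. The Python helper below is an added example, not Trustero or Microsoft code; the function names, the `Task` type, the `access-request` tag and the dates are constructed assumptions. It builds a scoped, time-bound query text for one control and rejects filter values that could change the query's meaning.

```python
from datetime import date

# Added illustration: hypothetical helper, not Trustero or Azure DevOps code.
FIELDS = "[System.Id], [System.Title], [System.State], [System.CreatedDate]"


def _literal(value: str) -> str:
    """Single-quoted WIQL string; refuse characters that could break out of it."""
    if not value or any(ch in value for ch in "'\"\r\n"):
        raise ValueError(f"unsafe or empty filter value: {value!r}")
    return "'" + value + "'"


def _day(d: date) -> str:
    """Date-only literal (ISO year-month-day is an assumption of this example)."""
    return "'" + d.strftime("%Y-%m-%d") + "'"


def evidence_wiql(work_item_type, tag, audit_start, audit_end=None, area_path=None):
    """Build WIQL selecting only the work items relevant to one control.

    Relevant:   one work item type and one tag per control.
    Time-bound: created on or after the audit start (optionally before its end).
    Classified: optional restriction to an area path.
    """
    clauses = [
        "[System.TeamProject] = @project",  # @project = the current project
        f"[System.WorkItemType] = {_literal(work_item_type)}",
        f"[System.Tags] CONTAINS {_literal(tag)}",
        f"[System.CreatedDate] >= {_day(audit_start)}",
    ]
    if audit_end is not None:
        if audit_end < audit_start:
            raise ValueError("audit_end is before audit_start")
        clauses.append(f"[System.CreatedDate] <= {_day(audit_end)}")
    if area_path is not None:
        clauses.append(f"[System.AreaPath] UNDER {_literal(area_path)}")
    return (f"SELECT {FIELDS} FROM WorkItems WHERE "
            + " AND ".join(clauses)
            + " ORDER BY [System.CreatedDate] DESC")


if __name__ == "__main__":
    # Constructed sample: access-request tasks created during a 2024 audit period.
    print(evidence_wiql("Task", "access-request", date(2024, 1, 1), date(2024, 12, 31)))
```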