Flag Findings
Configure automatic findings that are triggered based on vendor questionnaire responses. This allows you to automatically detect security gaps and non-conformities.
What are automatic findings?
Automatic findings are pre-configured rules tied to specific questionnaire answers. When a vendor selects an answer that has an associated finding, that finding is automatically flagged during the review process.
Configuring automatic findings
Navigate to Settings > Questionnaire.
Select the questionnaire you want to configure.
For each choice-based question, select the answer option you want to link to a finding.
Configure the finding:
Note: Only choice-based answers (single or multiple choice) support automatic findings. An answer can link to evidence OR a finding, not both.
How automatic findings work during review
When a vendor submits a questionnaire:
The system checks each selected answer against configured finding rules.
Matching findings are automatically generated in draft status.
The Security Officer sees these findings during the review.
When the review is completed (by clicking Complete Review), draft findings become active and are added to the vendor's global Findings table.
Findings during re-review
When a questionnaire undergoes a new review:
If an automatic finding already exists for a question, it is not re-added.
If a finding was previously deleted, it is re-added.
If a question type changes (e.g., text to single choice), all previous data for that question is reset.
Findings are separated into two groups in the review modal: new findings and already active findings.
Automatic remediation triggers
When the Remediation Plan feature is enabled, you can configure automatic remediation action creation alongside findings:
At the end of a finding configuration, an option allows setting up automatic remediation.
Define a due date as a relative timeframe (1, 2, 3, 6, or 12 months).
When the review is completed, remediation actions move from draft to live.
Ordering
Findings in the questionnaire review modal are ordered by severity by default (Critical first).