
Can I have multiple controls linked to 1 Policy Statement (Control Objective)?

rohitg
Giga Contributor

Hi all,

Need one very quick help.

Can I have multiple controls linked to 1 Policy Statement (Control Objective) which is tied to a Profile Type (Finance), where I don't check "Create controls automatically", and lastly I create controls manually, link them to the same Policy Statement mentioned above and link them to 1 Profile (Tax Department)?

The ask here is, my client has 1 Policy Statement and different controls underneath which are related to 1 Profile; hence, I don't want to create controls automatically, as it will duplicate them for all Profiles.

Please note: here controls 1-3 are different, not with IDs but with names also.

| Policy Statement | Profile Type | Create Controls Automatically? | Control | Control Owner | Profile |
|---|---|---|---|---|---|
| Statement 1 | Finance | No | Control 1 | Owner 1 | Tax |
| Statement 1 | Finance | No | Control 2 | Owner 1 | Tax |
| Statement 1 | Finance | No | Control 3 | Owner 1 | Tax |

Any quick suggestions / solutions are welcome.

Regards,

Rohit

1 ACCEPTED SOLUTION

Shiva Thomas
Kilo Sage

Hi Rohit,

Policy Statements are the templates used to create controls. Controls get all their attributes from the policy statement (name, description, frequency, attestation, category…) with the exception of the two fields coming from the Profile (Profile & Owner).

If Policy Statements had been named "Control Templates" this would have been more obvious for users. 😅

So, you can create the controls manually, of course, but linking them to a Policy Statement that doesn't match the definition is a very bad idea. If the Policy Statement is updated, the Controls' manual values will be overwritten. ⚠️

Instead, you may manually link your manually created controls to Policies and Risks (not to Statements).

For automatic controls creation, you can also define some Policy Statements with a Profile Type that only matches some of your Profiles using the condition builder (i.e., only apply if Department name is Finance).


Best regards from Switzerland
Shiva

Hi Shiva,

Thanks for your quick reply.

I understand what you proposed. But the issue I have here is, if I create a Policy Statement (Control Objective / Template) and link it to a Profile Type (Finance), SN architecture converts the Policy Statement into controls and links them to all the Profiles under the selected Profile Type (which may not be the case every time). But my ask is, I don't want to duplicate controls for all Profiles when I know this is not the case; hence, I wanted to create controls manually and link them to the same Profile and Policy Statement.

Imagine you have to achieve a Control Objective, and to achieve that you have to implement or execute many controls which are related to the same profile; then how do you foresee this? Right now, the moment I create a new control manually and link it to a profile and statement which already has a control, it gives me an error (PFA the screenshot for reference).

Hope I am a bit more clear.

Regards,

Rohit