Compliance Management ; Actor responsible for review of Controls

Shweta Kharb
Giga Contributor

Hi Everyone,

 

Reaching out to all the experts here. As part of Control Lifecycle management, i see the workflow has now changed as Draft-->Review-->Attest--> Monitor--> Completed.

 

We understood, it is the Compliance manager who is responsible to generate control instances from Control objective level. Initial stage of generated control will be draft. Who is responsible at this time to submit the controls to review and who is the reviewer, before the control goes to Control Owner for attestation.

 

Appreciate the inputs here.

 

Thanks

Shweta

1 ACCEPTED SOLUTION

Community Alums
Not applicable

Hi @Shweta Kharb ,

The lifecycle of the control follows below:

SandeepDutta_0-1716184489862.png

When your control is in the Draft State , someone from you Compliance team preferably Compliance Manager or Compliance User having sn_grc.user" role will move the control to Attest.

Once the Attestation has been done, the same Individual will Review and move the control to monitor.

 

View solution in original post

1 REPLY 1

Community Alums
Not applicable

Hi @Shweta Kharb ,

The lifecycle of the control follows below:

SandeepDutta_0-1716184489862.png

When your control is in the Draft State , someone from you Compliance team preferably Compliance Manager or Compliance User having sn_grc.user" role will move the control to Attest.

Once the Attestation has been done, the same Individual will Review and move the control to monitor.