Control Reviewer
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
4 weeks ago
Who is the responsible to review the control ? Is it control owner or a separate person as I don't see any field on for reviewers on the control form ?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
4 weeks ago
Hi @gourav_aggarwal,
I believe there's no universal answer. It'll depend on particular process in a particular company... imagine approvers, it's never easy to say who it is depending on what's being approved and in this case what's being reviewed...
/* If my response wasnāt a total disaster āļø ā drop a Kudos or Accept as Solution ā āļø Cheers! */
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
4 weeks ago - last edited 4 weeks ago
@gourav_aggarwal i agree with @GlideFather , there is no universal answer for this. Out of the box, any user with compliance manager role should be able to review the control and move to monitor state so there is no specific field for reviewer.
Best practice, control performer (control owner) and control reviewer should be different person , control owner just need compliance user role to work on control (draft ->Analyze) but to move control from REVIEW to MONITOR, you need compliance manger. control owner is from 1st line of defense and control reviewer is from control line of defense.
It depends on how you are managing persona and roles, if control owner has compliance manager role, he will be able to move control from REVIEW to MONITOR
