what are the issue identification rules in audit management ?

ujjwala_678
Tera Contributor

Hello Experts,

Could anyone explain me what are the issue identification rules in audit management

I need these rules to explain in ppt

Please help

 

Thank you,

Ujjwala

1 ACCEPTED SOLUTION

Community Alums
Not applicable

Hi @ujjwala_678 ,

Issues can be created manually to document audit observations or remediations, or to accept any problems. They are automatically generated from indicator results, attestation results, or control test effectiveness.

Various types of issues are created under the following conditions:
Issue
Created when an indicator fails
Control issue
Created when a control attestation is completed indicating that the control is Not implemented
Control test issue
Created when a control test is closed complete with the control effectiveness set to Ineffective
Other issue
Created by the user manually

Remediating an issue marks an intention to fix the underlying issue causing the control failure or risk exposure. Accepting an issue marks an intention to create an exception for a known control failure or risk. Controls that are Accepted remain in a non-compliant state until the control is reassessed. In this way, the issue can be used to document observations during audits.

View solution in original post

2 REPLIES 2

Community Alums
Not applicable

Hi @ujjwala_678 ,

Issues can be created manually to document audit observations or remediations, or to accept any problems. They are automatically generated from indicator results, attestation results, or control test effectiveness.

Various types of issues are created under the following conditions:
Issue
Created when an indicator fails
Control issue
Created when a control attestation is completed indicating that the control is Not implemented
Control test issue
Created when a control test is closed complete with the control effectiveness set to Ineffective
Other issue
Created by the user manually

Remediating an issue marks an intention to fix the underlying issue causing the control failure or risk exposure. Accepting an issue marks an intention to create an exception for a known control failure or risk. Controls that are Accepted remain in a non-compliant state until the control is reassessed. In this way, the issue can be used to document observations during audits.

Community Alums
Not applicable

Hi @ujjwala_678 ,

When you talk about " issue identification rules" in audit universe, i don't think that's currently available what we have today is "Risk Identification" in Advanced Risk Side of it.

You can learn more from : Set up risk identification integration