Inherit from a common control

  • Release version: Australia
  • Updated March 12, 2026
  • 1 minute to read

    • After you have created a common control, you can identify other controls that can inherit protection and compliance from that common control.

    Before you begin

    Role required: sn_irm_cont_auth.system_owner, sn_irm_cont_auth.info_system_sec_officer, sn_irm_cont_auth.info_system_sec_manager

    About this task

    Consider this scenario. You and I are system owners. You own hundreds of servers and I own the facility in which they are installed. Based on the impact level of your authorization package, NIST recommends that you implement a given number of controls to protect your servers. However, you do not possess the means to implement two of them:
    • Fire protection
    • Visitor access control

    You are aware that the facility has a fire suppression system, fire alarms, and smoke detectors. You also know that the facility has doors protected by a badge system. So you decide to inherit the protection in those controls from me, as well as the compliance. As long as I am compliant in terms of those controls, you are also compliant.

    Procedure

    1. Navigate to All > Continuous Authorization & Monitoring > All Authorization Packages.
    2. Open an authorization package in the Select state.
    3. Select a control that you want to inherit from a common control.
    4. Select Inherit from Common Control.
      Inherit from Common Control
    5. Select the common control you want to inherit protections from and select Confirm.

      The Inherited Controls related list now shows the control objective and the common control from which it is inheriting protection and compliance.

      Inherited Controls