Configure approval rules for control objective review

  • Release version: Australia
  • Updated March 12, 2026
  • 1 minute to read

    • Configure dynamic approval rules to define who must approve a control objective before it can be published.

    Before you begin

    Role required: sn_compliance.admin

    The control objective workflow property must be enabled.

    About this task

    The control objective workflow uses the dynamic approval rules framework to determine who must approve a control objective before it can be published. No approval rules are shipped out of the box.

    When a control objective owner selects Request Review, the workflow evaluates all active approval rules that apply to the record. If matching rules exist, approvals are generated and the record moves to Review state. If no matching rules exist, the record moves directly to Approved without generating any approvals.

    Any user or group can be configured as an approver through approval rules. When an approver rejects a record, the state returns to Draft. The owner must resolve the issue before re-submitting.

    Procedure

    1. Navigate to All > Assignment and Approval Configurations > Approval Configurations.
    2. Select New.
    3. Configure the approvals for Control objective (sn_compliance_policy_statement) table.
      For more information, see GRC Approval Configurator.

    Result

    When a control objective owner selects Request Review on a record that matches the rule conditions, an approval is generated for each configured approver and the record moves to Review state. The record moves to Approved only after all approvers have approved.