View controls in grid view

  • Release version: Australia
  • Updated April 6, 2026
  • 2 minutes to read

    • View and edit controls and their requirements in a hierarchical data grid that enables bulk operations and in-line editing.

    Before you begin

    Role required: sn_grc_cam.manager, sn_grc_cam.admin or sn_grc_cam.isso

    About this task

    The Controls tab displays a hierarchical data grid where you can expand controls to view their requirements. The grid view enables you to edit multiple controls without navigating between records. This enables you to add implementation statements or perform bulk operations.

    Procedure

    1. Navigate to All > CAM Workspace and select the List icon.
    2. From the Authorization packages in the RMF list, select an authorization package.
    3. Select the Controls tab.
      The hierarchical grid view displays by default, showing controls with expandable requirements.
    4. To expand a control and view its requirements, select the expand icon next to the control.
    5. To expand all controls at once, select the expand icon in the Reference column heading.
    6. To open a control or requirement record, select the link in the Reference column.

    What to do next

    Edit implementation statements:

    • Select the Implementation Statement cell
    • Enter or modify the text
    • Implementation statements are editable only when control state is in Draft and the authorization package is in Implement step

    Edit attestation respondents:

    • Double-click the Attestation Respondents cell
    • Add or remove respondents
    • Attestation respondents are editable throughout the lifecycle regardless of state

    Create attestations:

    • Select one or more controls
    • Select Attest
    • The system creates attestation records and updates control state to Attest

    Edit control status:

    When attestation is skipped for a package, you can directly edit the status of a control or control requirement. The available status values are Compliant, Non-Compliant, and Not Applicable.

    The following role-based rules determine who can edit the status and when:

    • Control Owner or System Owner can edit the status when the control is in Draft state.
    • ISSO, ISSM, and CAM Admin can edit the status when the control is in Review state.

    An implementation statement is required before changing the status of a control or control requirement. The status change is blocked if no implementation statement is present.

    The following validation rules apply when setting a status to Compliant:

    • A control cannot be set to Compliant if one or more of its control requirements is Non-Compliant.
    • A control or control requirement cannot be set to Compliant if an open issue is associated with it.

    The following parent-child syncing rules apply when status changes:

    • When a control requirement (child) is set to Non-Compliant, the parent control's status is automatically updated to Non-Compliant.
    • When a control (parent) is set to Compliant, control requirements with an empty status are automatically updated to Compliant.

    Change the owner:

    A compliance user can update the owner of a control when the control is in Draft state.

    Customize columns:

    • Select the three-dot menu icon
    • Select Personalize Columns
    • Show or hide columns as needed