Compliance Case form
Use the Create Compliance Case form in the GRC: Compliance Case Management application to report a compliance case.
See the following table for a description of the field values.
| Field | Description |
|---|---|
| Number | Number of the case. This field is automatically set to a case number. |
| Name | Name of the case. For example, Verdict of a lawsuit leaked. |
| Type | Type of the case. This field is automatically set to Compliance case. |
| Sub-type | Sub-type of the case. For example, Fraud and Embezzlement. |
| State | Workflow state of the case. This field is automatically set to New. |
| Priority | Priority of the case:
|
| Requester | Person who reported the case. |
| Requested on behalf of | Name of the person you created the case for. |
| Primary entity | Entity that is affected by the case. This field is automatically set to the entity that is identified in the Impacted areas related list. |
| Entity owner | User who is the owner of the entity. This field is automatically set based on the entity that is selected in the Impacted areas related list. |
| Description | Brief description of the case. |
| Assignment | |
| Assignment group | Group that is assigned to the case. Note: The assignment group is preconfigured to the case type during the configuration setup. |
| Watch list | User who must be informed about the case. |
| Case analyst | Analyst who can analyze and work on the case. The case analyst is a part of the assignment group. |
| Accountable executive | Executive who is accountable for the case. |
| Primary origin | |
| Location | Location where the case occurred. For example, Japan. |
| Sub-location | Sub-location of the case occurrence. For example, the sub location is Tokyo. |
| Impacted business unit | Business unit that is affected by the reported cases or events. For example, Finance. |
| Impacted department | Department that is affected by the case. For example, Customer support. |
| Source | Source from which the case is reported:
|
| Source record | Source record of the source object from where the case is created. For example, if the case is reported from risk events, then this field displays the name of the risk event from which the case is reported. |
| Additional source | Mode of how the case is reported when the case is created manually. This field is available only when Manual is selected from the Source field and the record is
saved. The choices are as follows:
|
| Schedule | |
| Date of occurrence | Date when the case occurred. For example, the case may have occurred on 18-02-2024. |
| Date of discovery | Date when the case was discovered. For example, the case may have occurred on 18-02-2024, but was discovered on 12-03-2024. |
| Case creation date | Date when the case was created. This field is automatically set to the current date and time. |
| Case closure SLA | Expected date of the case closure. This date is automatically calculated based on the case creation date. |
| Investigation planned start | Planned start date to investigate the case. |
| Investigation planned end | Planned end date to investigate the case. |
| Investigation actual start | Actual start date of the case investigation. |
| Investigation actual end | Actual end date of the case investigation. |
| Remediation planned start | Planned start date to remediate the case. |
| Remediation planned end | Planned end date of the case remediation. |
| Remediation actual start | Actual start date of the case remediation. |
| Remediation actual end | Actual end date of the case remediation. |
| Breach analysis | |
| Breach status | Status to indicate if a breach has occurred or not:
|
| Reporting status | Status of the case being reported to the regulators. This field is automatically set based on the reporting status of the regulations that are associated with the case. If a case has many regulations and even if one regulation is identified as reportable, then the reporting status of the case is set to reportable. The default value of this field is To be determined. |
| Breach start | Date that the breach started. This field only appears when Breach detected or Future potential is selected from Breach status. |
| Breach end | Date that the breach ended. This field only appears when Breach detected or Future potential is selected from Breach status. |
| Breach significance identified | Date when the user identifies that the breach is significant. This field only appears when Breach detected or Future potential is selected from Breach status. |
| Root cause analysis | |
| Primary cause | Primary cause of the case reported. This field is automatically set to the primary cause that is selected in the Cause and consequences related list. |
| Consequences | Consequences from the primary cause of the case reported. For example, damage to physical assets. |
| Overall observations | Observations made regarding the case. |
| Remediation taken | Option to indicate if the remediation measures have been taken to address the case:
|
| Overall preventive measures | Preventive measures taken to re-mediate the case. |
| Activity | |
| Work notes (Private) | Notes or information about the case. |
| Additional comments (Customer visible) | Additional information about the case that you want to share with the customers. |
| Save | Save the details of the compliance case. |