Components installed with Audit Management
Activating the GRC: Audit Management (com.sn_audit) plugin adds or modifies several tables, user roles, and other components.
Properties installed with Audit Management and Advanced Audit
Properties are added with activation of GRC: Audit Management.
| Name | Description | Application |
|---|---|---|
| sn_audit.retain_report_attachments |
Retains the previous Word report attachments with the engagement record each time the report is generated
|
Audit Management |
| sn_audit.knowledge_base |
Name of the knowledge base used to publish Audit reports
|
Audit Management |
| sn_audit_advanced.default_adv_notifica tion_duedate_duration | Default duration (in days) from the due date of a milestone, based on which, a notification is sent.
|
GRC: Advanced Audit |
sn_audit_advanced.role_documentation _link |
Documentation link for role requirements for enabling and using advanced
planning feature (with PPM integration). Type: string |
GRC: Advanced Audit |
| sn_audit_advanced.ppm_project_docu mentation_link | Documentation link for project capabilities and role requirements. Type: string |
GRC: Advanced Audit |
| sn_audit_advanced.rollup_documentati on_link | Documentation link for expenses and resources rollup details, from project to related engagement and plan. Type: string |
GRC: Advanced Audit |
Roles installed with Audit Management
Roles are added with activation of GRC: Audit Management.
| Role title [name] | Description | Contains roles |
|---|---|---|
| Audit Admin [sn_audit.admin] |
In addition to the inherited permissions, the audit admin can delete engagements, audit tasks, test templates, and test plans. |
|
| Audit approver [sn_audit.approver] | The audit approver can approve an engagement and audit plan. The user with this role can be a part of approver list and the role is classified as Lite operator role. | sn_audit.reader |
| Audit reader [sn_audit.reader] | The user can view the audit-related entities such as engagements, plans, observations, audit tasks, and has exclusive read access to all the entities in the Audit Management application. This role is classified as a lite operator role. | sn_grc.reader |
| Audit Developer [sn_audit.developer] |
In addition to the inherited permissions, the audit developer can add and delete audit report templates. |
|
| External Auditor [sn_audit.external_auditor] |
External auditors can be assigned as auditors for an engagement and can be assigned to audit tasks. They can view closed engagements, audit tasks that are assigned to them, and closed audit tasks. If the Policy and Compliance Management plugin or Risk Management plugins are installed, they can also view published policies and all controls and risks in the Monitor state. | |
| Audit Manager [sn_audit.manager] |
In addition to the inherited permissions, the audit manager can create audit tasks (such as control tests, activities, walkthroughs, and interviews), engagements, test plans, test templates, issues, remediation tasks, and entities. If Advanced Core is installed, then the audit manager can also create evidence requests. |
|
| Audit User [sn_audit.user] |
In addition to the inherited permissions, the audit user can be assigned audit tasks and create test templates and test plans. The audit user has read-only access to the Risk Management application and modules and the Policy and Compliance Management application and modules. |
|
| Engagement Project
Manager [sn_audit_advanced.engagement_project_manager] |
The audit lead who does advanced planning and could handle plans or engagements. This role is available after GRC: Advanced Audit plugin is activated. |
|
Tables installed with Audit Management
Tables are added with activation of GRC: Audit Management.
| Table | Description |
|---|---|
| Activity [sn_audit_activity] |
Extends Audit Task [sn_audit_task] and stores audit activities |
| Audit Task [sn_audit_task] |
Extends Planned Task [planned_task] and is a generic table for all tasks associated with an audit |
| Base Audit Test [sn_audit_base_test] |
Base table for Test Templates and Test Plans |
| Control Test [sn_audit_control_test] |
Extends Audit Task [sn_audit_task] and stores control tests |
| Control to Engagement [sn_audit_m2m_control_engagement] |
Stores many-to-many relationships between controls and engagements |
| Engagement [sn_audit_engagement] |
Extends Planned Task [planned_task] and stores engagements |
| Interview [sn_audit_interview] |
Extends Audit Task [sn_audit_task] and stores interviews |
| Entity to Engagement [sn_audit_m2m_profile_engagement] |
Stores many-to-many relationships between entities and engagements |
| Risk to Engagement [sn_audit_m2m_risk_engagement] |
Stores many-to-many relationships between risks and engagements |
| Test Plan [sn_audit_test_plan] |
Extends Base Audit Test [sn_audit_base_test] and stores test plans |
| Test plan to Engagement [sn_audit_m2m_test_plan_engagement] |
Stores many-to-many relationships between test plans and engagements |
| Test Template [sn_audit_test_template] |
Extends Base Audit Test [sn_audit_base_test] and stores test templates |
| Walkthrough [sn_audit_walkthrough] |
Extends Audit Task [sn_audit_task] and stores walkthroughs |
| Audit Report Template [sn_audit_report_template] |
Stores the defined xml, html, or script-based audit report templates |
Assessment procedures [sn_audit_asmnt_procedure_control_test] |
Stores the assessment objectives of control tests. Identifier and assessment objectives field values are copied over from the Assessment procedure plan table. |
Assessment procedure plan [sn_audit_asmnt_procedure_test_plan] |
Generated for the test plan. Changes made to the test plan are reflected in the control test table [sn_audit_asmnt_procedure_control_test] |
Assessment procedure templates [sn_audit_asmnt_procedure] |
Stores the assessment objectives |
Test template to Assessment procedure [sn_audit_m2m_test_temp_asmnt_procedure] |
Stores many-to-many relationships between test template and assessment procedure |
Tables installed with Advanced Audit
Tables are added with activation of GRC: Advanced Audit
| Table | Description |
|---|---|
| Audit Task to
Milestone sn_audit_advanced_m2m_audit_task_milestone |
Stores many-to-many relationships between audit tasks and milestones. |
| Auditable Unit sn_audit_advanced_auditable_unit |
Stores auditable units. |
| Auditable Unit To Authority Document sn_audit_advanced_m2m_unit_authority_document |
Stores many-to-many relationships between auditable units and authority documents. |
| Auditable Unit To Business
Application sn_audit_advanced_m2m_unit_business_application |
Stores many-to-many relationships between auditable units and business applications. |
| Auditable Unit To Business
Process sn_audit_advanced_m2m_unit_business_process |
Stores many-to-many relationships between auditable units and business processes. |
| Auditable Unit To Business
Unit sn_audit_advanced_m2m_unit_business_unit |
Stores many-to-many relationships between auditable units and business units. |
| Auditable Unit To
Department sn_audit_advanced_m2m_unit_cmn_department |
Stores many-to-many relationships between auditable units and departments. |
| Auditable Unit To Location sn_audit_advanced_m2m_unit_location |
Stores many-to-many relationships between auditable units and locations. |
| Auditable Unit To Policy sn_audit_advanced_m2m_unit_policy |
Stores many-to-many relationships between auditable units and policies. |
| Auditable Unit To
Product sn_audit_advanced_m2m_unit_product_model |
Stores many-to-many relationships between auditable units and products. |
| Auditable Unit To Vendor sn_audit_advanced_m2m_unit_vendor |
Stores many-to-many relationships between auditable units and vendors. |
| Engagement Project sn_audit_advanced_engagement_project |
Extends Project table and stores engagement projects for engagements. |
| Milestone sn_audit_advanced_milestone |
Extends Planned Task table and stores milestones. |
| Observation sn_audit_advanced_observation |
Extends Triage table and stores observations. |
| Plan sn_audit_advanced_plan |
Extends Planned Task table and stores plans. |