Review the policy exception and extension request using the Compliance Workspace

  • Release version: Australia
  • Updated March 12, 2026
  • 1 minute to read

    • After reviewing a policy exception request using the Compliance Workspace, a compliance manager can accept or reject the request. However, if the compliance manager doesn't have enough information to decide, they can request a risk assessment by the risk manager.

    Before you begin

    Role required: sn_compliance.manager

    Procedure

    1. Navigate to All > Policy and Compliance > Compliance Workspace.
    2. In the Compliance Workspace, select the List icon icon.
    3. Select All policy exceptions in the Policy exceptions list.
    4. Select the link to the policy exception record in the Name column.
    5. Perform one of the following actions.
      OptionAction
      To view or add impacted controls to the policy exception
      1. Click the Impacted Controls tab.
      2. Click Add or Add All.
      3. Choose the controls to associate to the policy exception.
      To view mitigating controls on the policy exception Click the Mitigating Controls tab.
      To view or add risks to the policy exception Click the Risks tab.
      Note:
      This option is available when Risk Management plugin is also activated.
      To view or add approvers to the policy exception Click the Approvers tab.
      To request extension
      1. Click the Request extension button in the Details tab.
      2. Select a valid date that is later to the Valid to date in the Extension date field.
      3. Select a reason from the list in the Extension reason field.
      4. Enter relevant information, if any, in the Additional comments field.
      5. Click the Request button.
    6. Perform one of the following actions.
      OptionAction
      To approve the policy exception

      Click Approve.

      An email notification is sent to the requester that the PER was approved and goes into effect.
      To reject the policy exception

      Click Reject.

      An email notification is sent to the requester that the PER was rejected and the request is closed.
      To approve the policy extension

      Click Approve Extension.

      An email notification is sent to the requester that the extension request was approved and goes into effect.
      To reject the policy extension

      Click Reject Extension.

      An email notification is sent to the requester that the extension request was rejected and the request is closed.
      To request a risk assessment on the policy exception

      Click Request Risk Assessment.

      An email notification is sent to the risk managers group.

      Note:
      This option is available when Risk Management is also activated.
      To request business owner approval

      Click Request Business Owner Approval .

      An email notification is sent to the business owner.
    7. Click Update.