Configure IT Compliance Manager data filter

  • Release version: Australia
  • Updated March 12, 2026
  • 3 minutes to read
    • Summarize
    Summarized using AI
    This content was generated using new OpenAI-powered functionality. Results are provided on an as is basis and are not guaranteed to be accurate or complete.

    Summary of Configure IT Compliance Manager Data Filter

    The process of configuring the IT Compliance Manager data filter involves three key steps: segregating IT-related data, auto-associating related items, and displaying this data in the IT Compliance Home page. This ensures that compliance managers have streamlined access to relevant IT risk and compliance information.

    Show full answer Show less

    Key Features

    • GRC Data Segregation: Users must classify data as IT-related by selecting 'IT risk and compliance' in the Functional domain field available in various GRC compliance forms.
    • Auto-Association: When an object is marked as IT-related, all associated items are automatically tagged as IT-related as well. The configuration settings for these relationships are managed in the Functional domain configuration table.
    • User Actions Tracking: Manual actions for tagging are recorded in a dedicated table, enabling tracking of user interactions with the Functional domain field.
    • Scheduled Jobs: A daily job automates the process of reading user actions and ensures that child objects are correctly associated with the IT risk and compliance domain.

    Key Outcomes

    By following these steps, IT Compliance Managers can efficiently filter and display only the relevant IT risk and compliance data within the Compliance Workspace. This targeted approach enhances data visibility and supports better compliance management practices.

    There are three distinct steps that must be followed to segregate, associate, and display the IT-related data for the IT compliance manager to view in the IT Compliance Home page.

    GRC data segregation

    In all the Compliance Workspace related forms, the Functional domain field is added in the Settings tab to segregate a particular data and classify it as IT related data. The user must add IT risk and compliance as the functional domain.

    Figure 1. Functional domain field
    Functional domain setting.

    The Functional domain field is available in all GRC compliance and audit workspace related forms such as Entity, Control, Control Objective, Policy, Authority document, Citation, Entity type, Entity class, Issue, Indicator, Indicator template, Acknowledgement campaign, Policy exception, Engagement, Test template, Test plan, Issue triage, Observation, Plan, Audit task, Milestone, Evidence request, and Evidence.

    Auto-association of the segregated data

    If an audit or compliance object is identified as IT related, then all the related items associated to this object are also identified as IT related. The Functional domain configuration [sn_grc_functional_domain_configuration] table stores the data registry relationship between the parent object and its related child objects within the IT risk and compliance functional domain.

    For example, if an entity is classified as IT related entity, then all the controls associated to this entity are auto-associated as IT-related controls. The related child object has all the configurations defined such as the parent table, the child table, and the relationship between the two.

    As a system admin, you can define this configuration by navigating to GRC Administration > Functional domains > Domain inheritance. User must manually add the tag, functional domain, in the base forms such as Policy, Authority document, Entity type, Entity class, Entity, Plan, Engagement for auto-tagging the child records. When a parent table is tagged with a particular functional domain, and if the user removes the tag from one of its child records, then the removed tag is not added during auto-association. Similarly, if the user manually adds a tag, then the added tag is not removed during auto-association. The GRC functional domain user action [sn_grc_functional_domain_user_action] table captures and stores all manual actions of the user in the Functional domain field of the record that belong to a particular table in the respective functional domain.

    For more information on setting up auto-tagging, see the IT Compliance Workspace – Setup and Configurations for auto-tagging [KB1124058] article in the Now Support Knowledge Base.

    Figure 2. Functional domain configuration
    Functional domain configuration.

    A scheduled daily job (GRCObjectsFunctionalDomainChanges) runs and gathers the user's manual actions recorded in the table to read these relationships, auto-associate the child object to IT risk and compliance functional domain, and auto-populate the record in the related item of the parent table.

    For more information on the tables used for IT compliance workspace, see Components installed with Policy and Compliance Management.

    Display segregated data to IT compliance manager in IT Compliance Home page

    The IT compliance manager is the user who can access the IT risk and compliance data in the Compliance Workspace. In the List view of the Compliance Workspace, there is a filter that restricts the display of all audit and compliance data but refines to display only the IT risk and compliance data. The filter uses the Functional domain field in the all the audit and compliance related base forms to filter and display the IT related data in the Compliance Workspace List modules.

    Figure 3. IT risk and compliance data filter
    IT risk and compliance data filter.
    Note:
    An admin or any user with both corporate compliance manager and IT compliance manager roles can view two list modules with the same name.