A document repository is used for storing critical documents, such as audit material, security plans, and sensitive information pertaining to each domain in your organization. You can also refer stakeholders to useful information on the Internet or your intranet using web references. If your user role has sufficient permissions, you can upload files of any kind to share in the repository, as well as refer to specific websites.
Typically, the document repository is available on the Content, Risks, and Administration menus in RiskVision.
In addition to the shared document repository, documents and weblinks/network paths can be uploaded and associated with various RiskVision objects, including entities, controls, programs, contracts, policy documents and so on. These objects have a Documents tab in their detail pages. The user permissions control the associated documents to view, upload, or perform any action.