Control Objectives

Under any defined group or subgroup in Organization Content, you can create one or more new control objectives as the starting point to define one or more policy controls and subcontrols that address the new control objective. To create a control objective, you must have the Control View and Control Author permissions.

To modify an existing control objective, click Edit.

To create a control objective: 

  1. In RiskVision, go to Content Risks > Controls and Questionnaires.

  2. Expand Organization Content and select a group.

  3. Optionally, structure your content in a new root folder by creating a new group. The group details page is displayed.

  4. Click New Control Objective.

  5. Enter the following fields:

    • Title. The title is the label that identifies the control objective.

    • Objective. The Objective statement specifies the purpose of supporting controls that enforce, check, or verify risk measurement and compliance with organization policies and goals.

    • Identifier. Enter an optional identifier for the new control
    • Weight. The Weight value indicates the weight assigned to this control objective when paired with others in an assessment. When compliance and risk scores are rolled up, values are calculated based on the percentage this control objective's weight contributes to the total weight of objectives at the same level in a hierarchy.

    • Status. The Status field lets you specify the stage of associated control development or completion. Later on, you can use this information to identify and track progress in various stages of completion.

    • Version. Enter the new control objective's version in any consistent format.
    • Categories. Assign a category to the control objective.
    • Target Entity's Preferred Ownership. Choose users, teams, and roles to be preferred owners of the new control objective.
    • Other Information/Notes. Enter additional information about the control objective.
    • Reference Numbers. The Reference Numbers field lets you specify the reference number of a related control framework or regulation, for example ISO-17799 1.4.1. To enter multiple reference numbers, separate them with commas.

  6. Click Save.