Control Objectives Flashcards
Control objectives can only be scoped with an entity type when ______
in Active state
Control objectives can be associated with more than one __________ and the follow that __________ record lifecycle
policy
Control objectives can be related to these 3 kinds of template records:
test templates, indicator templates, and performance analytics indicators
What are the 3 types of Controls?
Standard (one control per entity), unique (multiple controls per entity), and common (one primary control-entity pair)
What is the Control record lifestyle?
Draft -> Attest -> Review -> Monitor -> Retired
What role is required to modify/edit controls and move into Attest state?
sn_compliance.user
Who can complete control attestations?
only assigned attestation respondents
What should be done if an attestation respondent is not available?
The control returned to draft and reassigned
What role is required to review a control and move into Monitor or return to Draft?
sn_compliance.manager
what may be scheduled for a control in the Monitor state?
Indicators
What happens to controls when the scoped entity becomes inactive?
They automatically retire
How do unique controls provide greater control objective granularity?
Create new controls with unique names scoped within an existing entity, can assign different control owners, and uniquely named controls are included in the compliance score
Which type of control is only available on the Compliance Workspace?
common controls
What happens to a standard control when it is converted to a common control?
retired
How many entities can be processed at a time when migrating entities from standard controls to be reliant entities?
15
