What is a Generic control?

A generic control is a description of a control that can be performed in your organisation. Generic controls can be scheduled and performed as control tasks through the Project management module.

Fill out or approve the master data for the generic control

You can edit existing generic controls or create new one from this page

Title

Write the name of the generic control e.g. “Re-certification of access rights”

Tags

Here it is possible to create tags that allow the generic control to be searched using an alternative keyword.

Responsibles

Assign the users responsible for documenting the generic control. It is possible to add several users as responsible if necessary. One user can be marked as the overall accountable, by marking this person with the star-icon.

Control category

Set the control category that matches the control:

  • Corrective: The control aims at correcting incidents that has happened.
  • Detective: The control aims at detecting incidents that has happened. A detective control could be “Re-certification of access rights”.

Preventive: The control aims at preventing incidents from happening. A preventive control could be “Periodical update of the IT security policy”.

Control type
  • Controls can be configured to mitigate Risk scenarios in context of a Process, Activity, System, or Contract. An example of a control could be “Re-certification of access rights” to be scheduled to run on selected Systems.
  • Security measures can be configured to mitigate threats and/or vulnerabilities. An example of a security measure could be “Periodical update of the IT security policy”.
Scope

Set the scope of the generic control. The scope determines what type of risk scenarios the generic control can mitigate and what type of projects the generic control can be assigned to.

Description
Policies and Procedures

Link Framework controls to the generic control on the sheet, Framework

Framework controls

Link risk scenarios that can be mitigated by the generic control on the sheet, Mitigations

Risk scenarios mitigated

Link Measures that covers the generic control on the sheet, Measures

Measures
See assessments under the sheet, Assessments
Projects
Was this article helpful?

Related Articles

Need Support?

Can't find the answer you're looking for?
Contact Support

Want to hear more?

Let's talk about how our experience and software can help your company.