Requirement owners are responsible for documenting issues and ensuring their business unit complies with their assigned requirements by creating new controls or selecting existing controls from the library. Once users in the group have completed their tasks, the requirements are then sent to the Compliance Team for review.
All assigned requirements appear on the My Tasks page.
To review requirements:
Log into a user account that's been added to the Requirement Owner & Delegate user group to display the My Tasks page.
- Click a requirement to display the Requirement Review form.
- Click + in the Review Requirement Details section to review the requirement's details.
- Optional: In the Control Documentation section:
- Click Add Existing Controls to open the Add Existing Controls dialog.
- Begin typing in the search bar to search for existing controls. If any of the controls are applicable to the requirement, click Add.
- Optional: If you wish to add the version of a control that being used by an assessment in another application or business unit, click Assessments and then Add next to the assessment you wish to share with.
- Optional: Begin typing keywords in the Document Issues search bar to display a list of existing issues, then click to select an appropriate issue.
- Optional: Click + to create a new issue:
- Enter a name in the Issue Name field and a description in the Description field.
- Begin typing keywords in the Issue Owner, Reviewed By, Issue Delegate, and SRM - Issues and Actions fields to display a list of available users, then click to select an appropriate user.
- Select an issue type in the Issue Type field. Repeat this process for the Priority, Security Issue Type, Identified By, Issue Status, Completed, and Issue Clarification fields.
- Select a date in the Date Identified field. Repeat this process with the Due Date, Reviewed On, and Issue Resolution fields.
- Fill in the Management Response and Recommendation fields.
- Drag attachments to or click the Issue Field Photo or Issue Additional Attachments fields if desired.
- Click Open Issue.
- Click one of the following buttons:
- Submit for Compliance Team Review: Send the completed requirement to the Compliance Team. The Compliance Team will receive an email notifying them that the requirement has been sent to them for review.
- Return to Compliance Team: If the requirement was assigned to you in error, add comments to the Comments box, then click this button to return the requirement to the Compliance Team.