Perform an Applicability Assessment

Once an assessment has been scoped, Compliance Team members must review its requirements. All requirements assigned to you and your team will be available in Compliance Management > Determine Applicability > Applicability Assessment

To perform an applicability assessment:

  1. Log into a user account from the Compliance Team user group.
  2. Click the dropdown bar in the nav bar > Compliance Management to display the Determine Applicability activity.

Graphical user interface, application

Description automatically generatedThe Compliance Management activity.

  1. Click a requirement in the Applicability Assessment section to display it.

Graphical user interface, text, application, email

Description automatically generatedThe Applicability Assessment section from the Determine Applicability page.

  1. Review the requirement to determine if it's relevant to your line of business. 
    • The Requirement Name, Description, Subtopic, and Source of Requirement fields may already be completed, depending on the content in your compliance framework.Graphical user interface, text, application, email

Description automatically generatedThe Determine Applicability form.
  2. Click the links within the Requirement Details section to review the specific areas your organization must comply with.

Graphical user interface, text, application, email

Description automatically generatedReview Requirement Details.

  1. Select either Applicable or Not Applicable in the Applicability Assessment field.
If you selected

Then

Applicable

  1. In the Requirement Owner and Requirement Delegate (if applicable) fields, start typing to display a list of available options, then select the relevant user and/or user group.
  2. Optional: Click View Requirement Profile to view this assessment's Requirement Profile report, which summarizes all information about the requirement as well as its attached controls and issues.
  3. Click Send for Risk Assessment. The Requirement Owner will get an email that a requirement has been assigned to them.

Graphical user interface, text, application, email

Description automatically generatedAn applicable requirement.

Not Applicable


  1. Enter your reason for marking this requirement Not Applicable in the Rationale for Not Applicable field.
  2. Click Requirement Not Applicable. The Requirement will move to the Not Applicable workflow state and can be viewed in the Reports application. Note: Only the Compliance Team can reassess a requirement when it’s deemed inapplicable.

Marking a requirement as Not Applicable.