Review a Requirement

Overview

After the Requirement Owner has reviewed a requirement or one has been updated, they return it to the Compliance Team, who will assess it for residual risk. As a member of the Compliance Team, requirements that have been submitted for your review will appear either in the My Tasks section or the Assess Risk activity.

User Account Requirements 

The user must be part of the Compliance Team or be a Requirement Owner & Delegate to see requirements and requirement details.

Related Information/Setup

Please refer to the Launch an Assessment article for more information on launching and reviewing assessments in Compliance Management. 

Navigation

  1. From the Home screen, click the Home drop-down menu.

    Home Drop-down Menu

  1. From the list of applications, click Compliance Management.

    Compliance Management Application

Reviewing a Requirement

  1. Click a requirement in the Compliance Team Review state to open the Compliance Team Review form.

    Requirement in the Compliance Team Review State

  2. (Optional): In the Requirement Information section, you can use the AI-generated requirement summary feature to provide an AI-generated summary that highlights the key points of the requirement.

    Note:
    By generating a summary, you are agreeing to send selected text for temporary processing by our AI provider in the United States. Click here to learn more about Resolver's use of AI.

    1. Click the Generate AI Summary button to generate a summary. 

      Generate AI Summary Button

      Note:
      The generated AI summary does not persist amongst users and cannot be edited by a user.

  3. (Optional): Navigate to the Review Inherent Risk Assessment section to review the inherent risk. Clicking the Historical Trending will display a chart showing how the inherent risk score has changed over time.

  4. In the Review Control Documentation section:

    1. Click the name of a control to open the Control Review palette. Add any additional details, as needed.

    2. Select the rating that best describes the control in the Control Effectiveness field.

      Review Control Documentation Section

  5. In the Residual Risk Assessment section:

    1. Click the Residual Impact drop-down menu to select the impact of the risk after the controls have been put in place.

    2. Click the Residual Likelihood drop-down menu to select how likely the risk is to occur after the controls have been put in place.

      Residual Risk Assessment Section

    3. Click the Historical Trending tab to view how the residual risk score has fluctuated over time.

      Historical Trending Tab

  6. (Optional): In the Document Issues section:

    1. Click the name of an issue to make any changes or to close the issue as needed.

    2. Begin typing keywords in the search bar to display a list of existing issues. Click on an appropriate issue to add it to the requirement.

    3. Click + to open the Create a New Issue palette. Fill in the fields as required.

  7. In the Determine Level of Compliance section:

    1. Select the requirement's level of compliance in the Compliance Level select list.

    2. Enter any comments on the requirement's compliance level in the Comments on Level of Compliance field.

      Determine Level of Compliance Section

  8. (Optional): Expand the Related Assessments section to view the assessments related to the risk. Clicking on an assessment will display its Requirement Review form.

    Related Assessments Section

  9. Add comments, as needed.

  10. Click one of the following buttons:

    • Remediation Required: Send the requirement back to the Requirement Owner if further input is required.

    • Send to Monitoring: Transition the requirement to the Monitoring state.