Control Responsibilities are actionable items linked to Control Sets. Responsibilities are created in the Control Set Builder and managed via the Tasks Module. Responsibilities are linked to Controls in a Control Set.
Create a Control Responsibility
To access Control Sets select Policies and Control Sets from the left navigation panel.
Select a Control Set by clicking the name.
Click the control to open the side panel.
Select the Responsibilities tab at the top of the panel.
Here you can view all, create new, and link responsibilities to controls.
Select the + button to open the create responsibility modal.
Enter name and description, then click the Create Responsibility button.
The responsibility details will populate in the provisions panel where further details can be added.
Click the Add button at the top right of the panel to link the provision to the control.
The Add button updates to a green tick to confirm and the linked control field shows the corresponding control Id and control name.
The linked data field in the control has also been updated to show that the responsibility has been linked.
Edit Responsibility Details
You can update the description of the responsibility by clicking on the text icon at the bottom of the description box.
Assign a responsibility Owner
Users can assign ownership of a responsibility to an individual user or group. Other users who have been assigned will receive an email notifying them of the assignment and due date.
A due date can be assigned via the calendar and be either once-off or recurring at certain time periods
The responsibility can happen yearly, monthly, or weekly via the selected menu.
Assign Responsibility to Members
Responsibilities Members are individuals or groups who are tasked with actioning the assigned responsibility. The member will be able to view their responsibility and what they need to do on their task board. They can then action and supply comments or supporting documentation when completing a responsibility. They will receive an email when they are assigned the responsibility and when the responsibility is due.
Edit the title or delete as required.
Add Comments and assign a risk level to ensure all communications are logged for auditing purposes.
Controls can have multiple responsibilities linked all with individual requirements and actions.
To learn more about controls and linking Authorities, head here.