Control Attributes

Estimated reading: 3 minutes 981 views

What is meant by control attributes?

Control is something you follow as a company to mitigate potential risks. Control is part of a process designed to accomplish a goal. Every control has many attributes that help us understand it better for mapping and implementation purposes.

What are the different types of control attributes?

Controls in TrustOps have the following attributes:

  • Control Name: The name of the control
  • Control Definition: Description of what this control does
  • Control ID: Unique identifier for the control
  • Group: Each control is mapped to a certain group, which is a team or department in your organization.
  • Test Status: This shows if the control is passing, failing, or has not run.
  • Evidence Status: This shows if evidence has been uploaded for the control and if it’s due or outdated.
  • Evaluation Frequency: This is the frequency at which you are testing that your controls are still in place and nothing is out of compliance. This ensures that you are continuously complying.
  • Customers Impacted: The number of contracts is mapped to the control. In the event a control fails, your compliance team gets alerted immediately to act on it and understand the potential business risks of not being compliant.
    The following screenshot shows control attributes.TO Controls Conrol Attributes 1

You can also view:

  • Tests: There are automated tests mapped to each control. You can view the list of automated tests in “Tests” tab.
    The following screenshot shows the automated tests mapped to a control.
    TO Controls Conrol Attributes Tests 1
  • Standards: TrustOps maps every control to a standard. A control is mapped to multiple standards so that you can collect evidence for the control once and satisfy the requirements of multiple standards simultaneously. Go to the “Standards” tab to see all the standards that a control is mapped to.
    The following screenshot shows the standards mapped with a control.
    TO Controls Conrol Attributes
  • Implementation: There are procedures and policies linked to each control. You can view all linked procedures and policies from “Implementation” tab.
    The following screenshot shows the list of procedures and policies linked to a particular control.
    TO Controls Conrol Attributes Implementation
  • Risks: Every control may have risks that are mapped to it. You can view the associated risks from the “Risks” tab.
    The following screenshot shows the associated risks with the control.
    TO Controls Conrol Attributes Risks
    Each control may have a customer contract mapped to it. You can view customer commitments (or contracts) related to the control from “Customer Commitments” sub-tab under “Risks.” You can add or delete the contracts by using “Remove Contract” or “+ Add to Contract” buttons.
    The following screenshot shows the customer commitments or contracts mapped or associated with the control.
    TO Controls Conrol Attributes Risks Customer Commitments

Join the conversation

You might also be interested in

Documentation Templates

Documentation Templates are documents that provide a content outline to meet certain documentation needs....

Backup policy template – Download for free

The Data Backup Plan template helps you document in detail the data backup needs...

HR-13 Employee Handbook/Code of Conduct

HR-13 Employee Handbook or Code of Conduct communicates the organization’s values and ethics. It...

AUTH-1 Single Sign On (SSO)

Single Sign On (SSO) Control is a best practice recommendation for critical systems....

Security Incident Report Template

The Security Incident Report template helps you document the steps used to assess and...

BIZOPS-6 Disaster Recovery Testing

BIZOPS-6 Disaster Recovery Testing control refers to the exercise of identifying the critical systems...

PDP-10 SDLC – Separation of environments

PDP-10 SDLC Separation of Environments is important to maintain separate environments to develop, test,...

Privacy Committee Charter Template

Privacy Committee Charter serves as a foundational document, establishing the framework for the committee's...