C1Risk is highly configurable. It is meant to provide you context on your controls and enhance your opportunity for optimal performance. Below are a few design options to consider when documenting Internal Controls.
Diagram for Internal Control Design Options
See details for each options:
- Option A - Basic design where each policy is linked to specific internal controls. Each internal control has specific evidence.
- Option B - Policy is link to internal control. Internal control can applied to multiple entities with their specific evidences. Entity (or Assets) are defined at the Evidence level, allowing automation to aggregate assets at the Internal Control.
- Option C - Policy is link to internal control. Internal control can applied to multiple entities. Company is not ready to collect evidence for the internal control so you manually link the asset to the internal control. User will need to maintain the asset mapping to the internal control.
Was this article helpful?
That’s Great!
Thank you for your feedback
Sorry! We couldn't be helpful
Thank you for your feedback
Feedback sent
We appreciate your effort and will try to fix the article