Internal Controls is a core element of the Risk Management program. It is used in the following ways:
- tagged in the risk register for the risk it's mitigating
- tagged incidents as a required controls or control issue
- tagged in Evidence so you can reference which control(s) evidence is submitted for
- tagged in policy so your policy can be comprehensive
- tagged in asset so your stakeholders can see the controls required for the asset they are managing
Naturally, when you want to delete an Internal control, you may impact a chain of context that may depend on the control. So C1Risk is making it easy for you to define constraints to your risk management program with the following rules. When you hit a constraint, we recommend you discuss it with the risk team or the respective stakeholder for that process to agree on removing the constraint.
How to delete internal control and define the constraint?
Bulk Operation for IC Delete:
If records has the below related records, Unlink then Delete
Control Library
Risk Register
Evidence
Policy
Asset
If records has the below related records, do not delete. Skip the records for bulk operation.
Test Results
Findings
Test Procedure
Incident
Detail page for IC Delete:
If records has the below related records, Unlink then Delete
Control Library
Risk Register
Evidence
Policy
Asset
If records has the below related records, do not delete. Throw friendly error message: “Unable to delete due to dependencies: Test Results, Findings”
Test Results
Findings
Test Procedure
Incident
Was this article helpful?
That’s Great!
Thank you for your feedback
Sorry! We couldn't be helpful
Thank you for your feedback
Feedback sent
We appreciate your effort and will try to fix the article