Creating a Compliance Engagement (IT Controls Assurance)
The Compliance Engagement application allows users to manage their testing life cycle, auto scope records, and create multiple tests at once.
Here are the tasks to create a Compliance Engagement:
- Complete the General Information section.
- Complete the Engagement Milestones section.
- Complete the Summary tab.
- Click the Staffing tab.
- Complete the Resources section.
- Click the Scope tab.
- In the Scoping Method section, do 1 of the following:
- Scope using specific compliance scope records.
- Scope using specific control sets and compliance scope records covering those control sets.
- Scope using specific control sets and control procedures covering those control sets.
- (Optional) Click Add New or Lookup to associate compliance scope records, business processes, primary controls, applications, devices, information assets, storage devices, and facilities as needed in the respective sections.
- Click the Testing tab.
- In the Test Generation section, do the following:
- Define the scope of the testing, Full or Partial.
- Select 1 or multiple control tests to create.
- (Optional) Define meta data to be populated in every assessment.
- Click Queued.
Click Generate Tests.
- (Optional) Click Add New to associate control self assessments, design test results, operating test results, control 302 certifications, and operating effectiveness testing packages as needed in the respective sections.
- Click the Additional Testing tab.
- (Optional) In the Technical Control Manual Assessment section, do 1 or both of the following:
- Select an existing technical control manual assessment record.
- Create a new technical control manual assessment.
- Click the Wrap-Up tab.
- Complete the Engagement Summary field.
Download the source file of the diagram here: IT Controls Assurance Compliance Engagement Diagram
