Complete a Controls Assessment

You must complete a control assessment for each PCI control or Custom Control, after selecting the controls for the PCI Compliance Project. It is important to assess each control selected in the compliance project to ensure the control guidelines are successfully being implemented. If the control is not compliant, you must remediate any open findings before implementing the control.

Use the following steps to complete a control assessment:

  1. Select the Compliance Project for which you want to complete the self-assessment for.
  2. On the Control Population tab, select a control.

Note: The Entity being assessed populates the details in the Pre-Assessment details section for Custom Controls and PCI Controls with Periodic Frequency. Pre-Assessment Details captures the Control Matrix template, Risk Analysis Template, Self-Assessment Result, Date, and Method. The 'Ready for Assessment' flag is checked once the required fields in 'Pre-Assessment' section are populated.

  1. In the Control Evaluation section, in the Manual Control Assessment field, select the control status.
  2. In the Control Assessor field, select the user(s) that completed the assessment.
  3. In the Control Performance Observation field, document the control performance result.
  4. In the Evidence field, attach the evidences stored in Archer or from your machine.
  5. Click Save.