Using Controls Assurance Program Management

This topic explains the Controls Assurance Program Management use case design.

Controls Assurance Program Management Process

The following diagram illustrates the overall Archer Controls Assurance Program Management process.

Download the source file of the diagram here: Controls Assurance Program Management Process Diagram

Swimlane diagram

Creating Primary Controls

You can define primary controls across the organization that meet the requirements for relevant regulations and standards.

Creating Control Procedures

After primary controls have been created, you can instantiate versions of those primary controls for various organizational or infrastructure entities. Control procedures house instances of controls, which you can use to manage your overall risk monitoring and compliance measuring.

Creating a Compliance Scope Record

The Compliance Scope application allows you to capture a repeated scope of compliance that can be tested consistently. You can determine the scope of testing in the Compliance Scope application and the Compliance Engagement application.

Testing Controls

You can test controls at a specific instance level to see whether each instance passes, and then roll the results up to the primary level to see how the control performs overall. There are 3 different types of tests: Control Self-Assessment, Design, and Operating. You can create multiple tests in the Compliance Engagement application or individually in each test application.

Managing the Evidence Repository

After controls have been tested, you can manage your evidence repository by creating evidence records, submitting evidence for review, and publishing approved evidence.