Managing control documentation lifecycle in GRC Manager
Control documentation must be reviewed periodically to evaluate the accuracy and completeness of business processes, narratives, flowcharts, risks, controls, and test plans. GRC Manager enables this review process through a data collection workflow. The Data Collection workflow provides the ability to route the process to specified users to update control documentation. Reviewers can also be added to this workflow to examine and approve updates to control documentation. In this section, we will describe the data collection workflow. There are additional workflows that support the control documentation lifecycle, which will be described in the subsequent chapters. A brief overview of these basic stages is as follows:
1. A GRC Manager Administrator or Business Processor Author creates a business process, documenting assertions, risks, controls, test instructions, attaching appropriate files, and assigning workflow reviewers for the...
