Step 2. Scope Requirements

In this second step of Program Setup, you will now scope the subset of framework requirements relevant to your program.

To ensure ease in your search for specific aspects of a framework, all the requirements are grouped into sections. For example, maybe you need to focus initially on just the Security aspect of the SOC criteria.

Sections in ZenComply are also known as other commonly used GRC-industry terms like:

• Families

• Domains

• Principles

• Categories

DO YOU NEED HELP SCOPING REQUIREMENTS?

How do I perform scoping?

To Scope requirements, you will need to:

1. Select the requirements specific to your organization’s GRC needs. You can choose from all the available requirements within a specific framework.

2. Confirm your scoped requirements and proceed to Step 3. Set up Audit

Insight & Helpful tips

Here are a few tips to consider while Scoping requirements:

• All the available requirements will be preselected for you upon landing on the Scope requirements page

• Perform searches in the search bar, as well and using the filter function near “Title” to choose the requirements for your first Audit

• Refer to the GRC Frameworks page of ZenComply Help for more information regarding SCF, PCI, SCF, and more.

What am I viewing?

This is where you perform the Scoping of requirements from the framework you selected in Step 1

Here you will see all the possible requirements already chosen under the “Title” heading

You can perform a targeted search in the search bar (i.e. “Physical Access controls”) to choose the relevant controls for your first Audit

View more information in the flyouts, including which SCF controls are pre-mapped to that requirement

Confirm all your scoped controls by reviewing the number of chosen controls (i.e. “3/281” in scope”) in the Scope requirements heading of this page

Use the filter and search functions to review additional relevant requirements.

Open