Step 2: Defining the Scope

Owned by Tristan Mohn (Deactivated)
Last updated: Feb 09, 2023 by Victoria Buhler (Deactivated)
4 min read


Page Contents


Overview

This step defines the program/framework along with the controls you want to scope for the audit. You can remove irrelevant controls from the audit or create a custom audit using different combinations of programs, standards, and audits. It can be skipped by clicking any of the step numbers at the top or by clicking the Next button.



TIP

If your programs, objectives, controls, and other objects are already mapped, it makes completing this step more efficient. 

Mapping Controls to the Audit

The goal of this step is to define which controls should be audited. 

The page for mapping requests to an audit is comprised of three columns as follows:

  • Available Audits – This is the current audit just created in Step 1. Info

  • Controls Mapped – This contains controls mapped to the audit. It will be blank on first page visit.

  • Available Controls – If you made a selection in the Related Program drop-down box on Step 1. Info, the controls in that framework or program are displayed here. If nothing is selected in the Related Program drop-down box, this column displays all controls in the instance.

Adding Controls

To map controls to the audit, complete the following steps:

  1. Your audit is automatically selected in the Available Audits column. 



  2. Select a check box next to a control in the Available Controls column. This activates the Map Controls button.

  3. Alternatively, select the Select All check box to choose all controls in the column.



  4. Click Map Controls. This activates the Map Controls button.

  5. The request moves to the Controls Mapped column and is now added to the audit.
  6. Continue until all appropriate controls are mapped to the audit.

Removing Controls

To remove controls from an audit, complete the following steps:

  1. Select a check box next to a control in the Controls Mapped column. This activates the Unmap Controls button.
  2. Alternatively, select the Select All check box to choose all controls in the column.
  3. Click Unmap Controls.



  4. The control is removed from the audit and added to the Available Controls column.

Displaying Descriptions

To read descriptions of any control or request, complete the following steps:

  1. Select an item in any column.
  2. Click the Details link. 



  3. The control or request opens in a new tab or window and displays all pertinent information.

Finding Controls Mapped to Other Objects

The mapper allows you to easily find and add controls in bulk that are associated with other ZenGRC items.

For example, you can easily map all controls in a few clicks that have already been assessed in a prior ZenGRC audit. This decreases time involved in searching for and mapping controls to an audit and ensures accuracy without manual comparison.

Displaying Controls

To open the dialog box that allows you to search for controls attached to an object, such as the last audit or another program, complete the following steps:

  1. Click the Filters in the Available Controls heading.



  2. Under Mapping relevance, select the item to which the controls you seek are mapped.

  3. This populates the Select object drop-down box where you can select an item, such as a past audit.



  4. Click Select. The dialog closes to display the mapper. If an audit is selected in Mapping relevance, all of the audit's controls display for you to add to the current audit. This ensures the past audit will be correctly replicated in the new audit.

Narrowing the Control Search

To add rules to help with searching, complete the following steps

  1. After making an initial selection n the Filters dialog box, click Add New Rule.



  2. In the Relevant to column, click the drop-down to display an object, which then populates the second drop-down with related items.



  3. Click Select. The dialog closes to display the mapper.

Viewing all Controls

To clear all filters and display all controls in the application, complete the following steps:

  1. In the Filters dialog box, click Clear.



  2. Click Select. The dialog closes to display the mapper.

Searching for Controls

The Controls and the In-Scope Controls columns are searchable. The search boxes are located directly below the column headings. Each search box only searches the information displayed within the column it resides.

TIP

The search within each column only covers words in the titles.


To conduct a search, complete the following steps:

  1. Click inside the applicable Search box.
  2. Type any word associated with the desired title. The system updates the column below the search box in real time.



  3. Alternately, to remove the search term, click the x to the right of the search box.

Completing the Step

To finish this step, complete the following:

  1. Click Next. The Step 3. Requests page displays.

    NOTE

    Continue to the next section - Step 3: Setting up Audit Requests.

Other Helpful Content

•  Access and User Assistance 
•  System of Record List Views  
•  Actions on the Details Page 
•  Creating New Objects 
•  Favorites 
•  Quick Tips for End Users (Printable) 
•  Searching the Left-Hand Navigation

© 2021 Copyright Reciprocity, Inc.
https://reciprocity.com