Create a GRC audit definition

An audit definition establishes a set process for validating controls and control tests. From the definition, audit instances can be generated as a task to power the audit.

  1. Navigate to GRC > Administration > Audit Definitions.
  2. Click New.
  3. Fill in the fields on the form, as appropriate.
    Field Input Value
    ID A unique ID for the audit definition, populated by Number Maintenance.
    Name A name for the audit definition.
    Owning group A reference to a group to have ownership over the audit process.
    Owner A reference to a user to have ownership over the audit process.
    Execution group A reference to the group that will execute the audit.
    Type The type of audit process.
    State Where in the drafting process the definition is.
    Short description A short description of the audit.
    Description A full description of the audit.
  4. Use the related list Control Test Definitions to specify control tests to perform during the audit.
  5. Use the related list Scope to define entities for the audit to refer to.