Compliance

The Compliance module contains compliance overview information, and lists of your authority documents and citations.

Overview

The Compliance Overview is available to compliance administrators and compliance managers, providing an executive view into compliance requirements, overall compliance, and compliance breakdowns.

Table 1. Compliance Overview reports in the base system
Name Visual Description
Compliance Requirements Donut chart Select a wedge to focus on a specific compliance area.
Overall Compliance Donut chart Displays the overall compliance of all the control requirements in the system. Selecting a specific wedge in the previous widget brings that area into focus.
Profile Drop down list Select one or more profiles to view and compare their compliance across multiple items.
Control State Check list Select or clear check boxes to view filter reports by control state.
Compliance by Authority Document Bar Chart Compare level of compliance depending on the selected profile and/or authority document.
Compliance breakdown Multi-level Pivot View a breakdown of control compliance by related authority documents and policies.
Non Compliant Profiles Column Chart Count of non-compliant control requirements grouped by profile.

Authority Documents

Authority documents define policies, risks, controls, audits, and other processes to ensure adherence to the authoritative content.

Each authority document is defined in a record and the related lists on that record contain the individual conditions of the authority document.

The relationships of these authority document related list items are visible in the GRC Workbench in the Policy and Compliance Management application.

Citations

Citations contain the provisions of the authority document, which can be interrelated. Citations break down an authority document into manageable themes.

You can create citations or import them from UCF authority documents and then create any necessary relationships between the citations.