Learn to interpret the reports for compliance, pertinence settings, and audit
A GRC user can report on the percentage of completion and percent compliant for all control
test instances associated with an authority document, risk, and policy, to ensure that the
company meets its compliance goals.
Table 1. GRC compliance report definitions
||Percentage of control test instances that were successful for the last run.
||Percentage of control test instances that failed for the last run.
||Percentage of control test instances that either passed or failed for the last
Some controls that you import from UCF might not be relevant to your organization's compliance
efforts. By default, compliance reporting excludes GRC components in which the
Pertinent flag is set to false. Only controls in which this flag is set
to true are rolled up in compliance reports to show their impact at the authority document
level. Audit reports include all controls, regardless of the state of the
Pertinent flag, to accurately represent the contents of the audit.
Members of an internal or external audit team can use these reports to view an audit instance
together with the results of the control tests. Open a specific control test instance containing
the results to view audit details and the related observations and remediations.