GRC Control Group Object

Create Control Groups that align with current industry standards such as FedRAMP:2014, ISO 27001:2013, and ISO 9001:2015.

You can add Specified Controls to each Control Group. Control Group is now a Lookup Table object, and you can optionally populate this table. You can use this to help group your controls for organizational purposes. This table is populated with a few examples from HIPAA and ISO 27001.

To provide Object data for the GRC Control Group Object:

1. On the CSM Desktop Client or Browser Client menu bar, select Tools > Table Management.
2. In the Type drop-down list, select GRC Control Group.
3. Create a new Control Group or edit an existing Control Group.
   • Create a new Control Group:
     1. Right-click and select New, or select New from the tool bar.
     2. Provide a name for the control group. This can be the same as the name of one of the Authority Documents (example: ISO 27001:2013).
     3. Provide a control group number.
     4. Provide a control group name.
   • Edit an existing Control Group:
     1. Double-click any example control.
     2. Edit desired fields, and then select Save.