GRC Control Group Object

Create Control Groups that align with current industry standards such as FedRAMP:2014, ISO 27001:2013, and ISO 9001:2015.

You can add Specified Controls to each Control Group. Control Group is now a Lookup Table object that you can optionally populate and use to group your controls for organizational purposes. The table is populated with a few examples from HIPAA and ISO 27001.

To provide Object data for the GRC Control Group Object:

  1. On the CSM Desktop Client or Browser Client menu bar, select Tools > Table Management.
  2. In the Type drop-down list, select GRC Control Group.
  3. Create a new Control Group or edit an existing Control Group.
    • Create a new Control Group:
      1. Right-click and select New, or select New from the toolbar.
      2. Provide a name for the control group. This can be the same as the name of one of the Authority Documents (for example, ISO 27001:2013).
      3. Provide a control group number.
      4. Provide a control group name.
    • Edit an existing Control Group:
      1. Double-click any example control.
      2. Edit the desired fields, and then select Save.