What verifications are defined for controls and control execution tasks?
This description relates to the default definition of the configuration file and reports.
Report name
Verify semantics for controls and control execution tasks
Verifications to be performed
Controls
The report verifies whether:
the required attributes are set:
Name
the control is unique within the modeled business controls diagram.
a control has an occurrence in no more than one business controls diagram.
the Synchronize ARCM attribute is set to true. Only controls for which this attribute is activated are considered.
the controls are connected to a risk for which the Synchronize ARCM attribute is set to true (does not apply if the verification was started on a risk diagram for which the Synchronize ARCM attribute is set to true).
the controls are each connected to a maximum of one control manager group.
Control execution tasks
The report verifies whether a control execution task is linked to the control. If so, verifies whether:
the required attributes are set:
Name and
Control documentation frequency and
Time limit for documentation of control execution in days and
This attribute is not mandatory if the Control documentation frequency attribute has the value Event-driven.
Start date and
This attribute is not mandatory if the Control documentation frequency attribute has the value Event-driven.
Length of documented period
a control execution task is linked to only one organizational unit.
a control execution task is linked to only one group (there must be only one Control execution owner group).
the Event-driven control documentation allowed attribute is set to true, when the value Event-driven is set for the control documentation frequency.
the start date is before the end date.
the control execution task is unique within the modeled business controls diagram.
a control execution task has a single assigned control. A control can have multiple control execution tasks but each control execution task can only ever have one control.
a control execution task occurs in no more than one business controls diagram.