Viewing Controls

HOPEX IT Risk Management : HOPEX IT Risk Management : Managing inventories : Inventory of Risks and Controls : Viewing Controls

Viewing Controls

A control is a set of rules and means enabling the assurance that a legal, regulatory, internal or strategic requirement is met.

It should be noted that a poorly implemented control can represent a vulnerability.

Accessing controls

To access controls:

1. See "Accessing the IT Inventory".

2. Click Controls > All Controls.

You can connect controls in the properties page for a control type.

Scope of a control

You can connect a number of object types to a control with HOPEX IT Risk Management.

You can connect:

• the object types present in the standard scope of a control: see “Control scope", page 476

• applications (Scope (IT Assets) section).

Control assessment

The Assessment tab in the control properties window is used to perform a direct assessment using the "Assessment of controls by application" assessment template.

See "Direct Control Assessment".