Control Level by Regulation

HOPEX IT Risk Management : HOPEX IT Risk Management : HOPEX IT Risk Management Reports : IT Compliance Reports : Control Level by Regulation

Control level characterizes efficiency level of control elements deployed (controls) to assess the risk.

Access path

Reports > IT Compliance > Control Level per Regulation Framework

Parameters

• End date: today's date by default

• Begin date: corresponds to the end date of the previous year

• Regulations: all regulations are used to filter the controls (mandatory)

A regulation or regulatory framework is a set of directives, compulsory or not, defined by a government in a law, by standard bodies as "best practices" or as an internal policy in an organization.

• Process (optional)

A business process represents a system that offers products or services to an internal or external client of the company or organization. At the higher levels, a business process represents a structure and a categorization of the business. It can be broken down into other processes. The link with organizational processes will describe the real implementation of the business process in the organization. A business process can also be detailed by a functional view.

Click Generate Aggregation to launch the calculations.

Result

This report is presented in tree form that displays an assessment for each element on the path. This path appears as seen here:

Regulation Framework > Requirements> Control Types > Controls

Here is the meaning of each row:

Row	View
Controls	Control assessment average (%) for all connected applications.
Control types	Assessment average for all control types

A control belonging to different type is "counted" several times.

Example