Regulatory Library Overview
Regulatory library content
The regulatory library constitutes the regulation framework repository applying to an organization. It consists of:
• regulation frameworks
A regulation framework is a set of directives, compulsory or not, defined by a government in a law, by standard bodies as "best practices" or as an internal policy in an organization.
For more details, see Managing Regulation Frameworks.• requirements
A requirement is a need or expectation explicitly expressed, imposed as a constraint to be met within the context of a project. This project can be a certification project or an organizational project or an information system project.For more details, see Defining Requirements.Updating the regulatory library content
The regulatory library is generally supplied by external sources.
The functional administrator imports the following on a regular basis:
• regulation frameworks
• requirements (first and second level)
To execute import:
In the main Menu, select Import.For more details on the import tool, see Exchanging Data with Excel.Legal Inventory Objects
Legal Inventory Context
Regulation Frameworks and requirements can be organized by:
• process (business or organizational)
• entity
• risk
Regulation frameworks and requirements can be:
• connected to risks and to all levels of processes and entities
• connected to several processes, entities and risks
Legal Inventory Hierarchy
Legal inventory repository objects are managed as follows:
The GRC functional administrator manages the hierarchy of the legal inventory and can connect regulations and requirements to processes, entities and risks.