Scope of a Control
The Scope section of control properties enables connection of controls to other objects:
• Business
processes
processes
• Organizational processes
• Entities
• Risks
• Accounts
• Requirements
• Types of control
Responsibilities concerning Controls
HOPEX Internal Control enables definition of responsibilities of each participant related to a control via the RACI matrix:
• Responsible
• Accountable
• Consulted
• Informed
Responsibility levels
The proposed responsibility levels are as follows:
|
Responsibility
|
Meaning
|
|---|---|
|
Responsible
|
Responsible for execution of required actions.
|
|
Accountable
|
Reporting on progress of planned actions and making decisions.
There is only one "Accountable".
|
|
Consulted
|
Consulted as first priority before an action or decision.
|
|
Informed
|
Must be informed after an action or decision.
|
Specifying control responsible users
In the framework of control assessment via campaigns, questionnaire respondents are Responsibles of control.
For more details on assessment campaigns, see Managing Assessment CampaignsYou can connect several "Responsible" users for the same control in different entities.
To specify the person responsible for a control in a given entity:
1. In the control properties page, expand the Responsibilities section.
To access controls, see Listing Controls.2. Select the Responsible tab.
3. Click the Connect button.
In the dialog box that appears, click the Find button.
4. Select a person in the list that appears and click Connect.
The person appears under the tab concerned. You must now connect the person to an entity.
5. In the Assignment Location field, select an entity to which the person executing the control is attached.
Ensure that an e-mail address is correctly specified in the properties of the person.