Characterizing Action Plans
To specify action plan properties:
1. In the Compliance desktop, select Remediation > Issues and Action Plans > All Action Plans.
2. Open the properties of the action plan.
General characteristics
On the action plan you can specify the following information:
• Name: action plan name.
• Owner: this field is specified by default by the user who created the action plan.
• Owner Entity: entity responsible for action plan implementation.
• Approver: user responsible for validation of the action plan when all actions are completed.
• Means: text description of means required/desired for action plan execution.
• Priority: enables indication of a priority level. Priority can be:
• Low
• Medium
• High
• Critical
• Organizational Level: final objective of plan:
• Global
• Local
• Origin: enables definition of the context of carrying out the action plan:
• Audit
• Compliance
• Event
• Risk
• RFC: Request For Change
• Other
• Category: the action plan can for example be connected to:
• risk impact reduction
• project management
• process improvement
• control performance improvement
• etc.
Other values are available.• Nature: enables definition of whether the action plan is:
• Corrective
• Preventive
• Comment: supplements information on the action plan and its characteristics.
• Steering Calendar: used for sending reminders to the person responsible for an action plan so that they can indicate action plan progress.
A steering calendar for monthly reminder of progress is supplied by default.Financial assertion
• Forecast Cost: action plan cost estimate.
• Forecast Cost (Man-Days): estimate in man-days of action plan implementation workload.
RACI
The action plan Owner responsible for definition of actions to be carried out and their execution.
This field is specified with the name of the action plan creator or with the name of the action plan approver.
For more details on the use of RACI, see "RACI", page 718.Success factors
In the Success Factors section, you can specify in text the success indicators enabling assessment of success of the action plan.
Scope
To position an action plan in its environment, you can associate objects with the action plan in the Scope section.
You can connect objects of the following types:
• Controls
A control is a set of rules and means enabling assurance that a legal, regulatory, internal or strategic requirement is respected.• Applications
An application is a set of software tools coherent from a software development viewpoint.• Risks
A risk is a hazard of greater or lesser probability to which an organization is exposed.• Entities
An entity can be internal or external to the enterprise: an entity represents an organizational element of enterprise structure such as a management, department, or job function. It is defined at a level depending on the degree of detail to be provided on the organization (see org-unit type). Example: financial management, sales management, marketing department, account manager. An external entity represents an organization that exchanges flows with the enterprise, Example: customer, supplier, government office.• Business and organizational processes
A business process represents a system that offers products or services to an internal or external client of the company or organization. At the higher levels, a business process represents a structure and a categorization of the business. It can be broken down into other processes. The link with organizational processes will describe the real implementation of the business process in the organization.An organizational process is a set of operations performed by org-units within a company or organization, to produce a result. It is depicted as a sequence of operations, controlled by events and conditions.• Incidents
An incident is an event occurrence, internal or external, that has an impact on the organization. It is the basic element for collection of data concerning operational risk.Milestones
Milestones are key dates of the action plan.
The planned end date is mandatory.Attachments
You can attach business documents to an action plan:
For more details on the use of business documents, see the HOPEX Common Features guide.