Process Compliance
This report aggregates for each requirement the results of:
• requirement assessments executed directly or via questionnaires from the "Requirement Level Assessment by Regulation and Process" template (average gross result ).
• compliance tests
Access path
Reports > Testing > Process Compliance
Parameters
|
Parameters
|
Parameter value
|
|---|---|
|
Process
|
Mandatory
|
|
Regulation
|
Optional
|
Results
This report proposes several results according to the assessment mode used (direct assessment/by campaign or testing):
|
Result obtained
|
Definitions
|
Origin
|
|---|---|---|
|
Inherent risk (gross)
|
The inherent (gross) risk indicates the risk to which the organization is exposed in the absence of measures taken to modify the occurrence or impact of this risk.
|
Assessments direct and via campaigns
|
|
Control level
|
|
Testing requirements
|
|
Residual risk (net)
|
The residual (or net) risk indicates the risk to which the organization remains exposed after management has processed the risk.
|
Testing requirements
|
The residual risk (net) corresponds to the multiplication of:
• the inherent (gross) risk calculated during the assessment step
• control level calculated during the testing step (compliance tests)
The residual (or net) risk indicates the risk to which the organization remains exposed after management has processed the risk.Summary
Inherent risk (assessments) * Control level (testing) = Residual risk