Skip to main content

Control Frameworks in Risk Cloud

Nick
Updated

Overview

Users with Control Frameworks entitlement can see a list of all Control Frameworks being used by your organization on the Controls page, which lives under the Compliance menu.

Control Frameworks - Screenshot 1.png

Control Frameworks across all applications will appear on this page, regardless of a user’s step permissions. However, only users with Build entitlement will see hyperlinks to applications and be able to make changes, which can be done from the Application Build canvas.



How are Control Frameworks defined?

Control Frameworks are workflows meeting the following criteria:

  1. Workflow Type = Control Framework. The Workflow Type can be modified by users with Build entitlement on the Application Build canvas.
  2. Workflow has at least one record.

The Controls page includes both LogicGate-provided frameworks and custom frameworks (for example, Internal Controls).

A Control Framework can also be designated as a Central Framework. A Central Framework is a “framework of frameworks”, helping you map cybersecurity and privacy controls across multiple frameworks. Using a Central Framework (like the SCF) enables your organization to use the Gap Analysis feature to compare frameworks.

If you are expecting a framework to appear on the page, make sure that the above criteria are met. Control Framework workflows with no records will not appear, since they are not actively being used in Risk Cloud.

 

Mapped Frameworks

The Mapped Frameworks column displays Control Frameworks which are directly connected to the current framework through Workflow Mappings. Learn more about Workflow Mappings.



Framework Details

To see the contents of a specific framework, click on the framework name:

On the framework details page, you will see the framework’s description, mapped frameworks, and a pre-built report on the records within the framework. This report is built using the framework’s Primary Field and Summary Fields and will not appear in the Reports module. Users must have read or edit access to at least one step in the framework to navigate to this page:

 

 

How to Add Additional Frameworks

If you would like to add additional Control Frameworks, reach out to your LogicGate Account Team to have them imported into your environment. Browse available frameworks on the Risk Cloud Exchange.

 

Gap Analysis Reports

Users with Gap Analysis entitlement will see a Gap Analysis Reports section at the top of the Controls page. This tool allows users to quickly generate reports to estimate their level of compliance with a control framework based on another framework.

Note: You must designate a Central Framework with mappings to other frameworks to use the Gap Analysis tool.

Read more about Gap Analysis Reports.

Related articles