Adding a control

This article outlines what a control is and how to add one.

What is a Control

Information Security Controls are processes that you implement to modify risks. Controls typically reduce the likelihood of a risk materialising or aim to reduce the impact if it does.

While your Company Policies describe what must be done, your Controls and the respective Treatment Plans outline how you are going to achieve the policy requirements.

Adding a Control

Controls can be accessed and viewed by selecting "Controls" from the left-hand side menu.

To add a control, select the orange ADD CONTROL button in the top right-hand corner of the page.

The Add a control view will open on the right side.

Name – Enter a name for the control. This should briefly outline the requirement the control is meeting.

Owner - It is good practice and a requirement of most standards to assign an owner to every control. The control owner is responsible for:

  • reviewing the control on a regular basis to ensure ongoing conformance

  • ensuring the Treatment Plan is clear and conforms with company policies

Note: the Owner defaults to the person who creates the control, but this can be updated.

Compliance procedure

A compliance procedure details the process or processes that your company will carry out for the control to successfully modify or mitigate risk.

Have a look at some of the suggested compliance procedures in the Adoptech-created controls.

Note: the text box will automatically expand as you add more text, up to a certain size. The text box can be expanded further by dragging the bottom right-hand corner.

What are Checks?

Checks validate that the deliverables in the treatment plan are in place.

Checks are completed by members of the team to ensure compliance with a control.

Have a look at some of the suggested Adoptech-created checks.

How do I link a check to a control?

Additional checks can be linked to a Control using the + Add button. Note that checks must first be created via the Checks page, accessible from the left-hand side menu. To remove the link between a control and a check, select "Remove from control" from the menu on the right-hand side.

How do I edit a Check?

Checks can be edited by:

  1. Clicking on the check itself on the Checks page
  2. Selecting the associated check in the edit RHS menu of a Control

Policies are linked to controls

The policies that address the requirements of each of the controls should be linked to their associated controls.

To link a policy to the control, start typing the name and select the + Add button.

Each control is linked to one or more Frameworks

Frameworks can be added to a control where the framework is subscribed to in the portal.

Select ADD to save your changes!

All changes made in the RHS menu must be saved by clicking on the ADD button at the bottom.

If you do not want to save your changes, click on Cancel, click the X in the top right-hand corner, or click away from the RHS menu. You will be prompted to confirm that you do not want to save any changes.