Managing controls using frameworks

Use frameworks to maintain a master copy of risks and controls for your projects.

What is a framework?

A framework is a master copy of risks and controls that you can use to build projects. Frameworks are helpful for managing changes to risks and controls in an evolving regulatory and business environment.

How it works

First, you create a framework and define objectives, risks and controls in the framework. Then, you import controls from a framework into one or more projects.

When you import a control from a framework to a project, you also import associated risks and test plans. Any risks and controls imported to a project are linked to the risks and controls in the framework.

Different ways of using frameworks

You can use frameworks to manage risk and control changes in multiple projects, or to build the main structure of alike projects, and customize those projects as needed. You can also build frameworks from projects.

Option Steps
Manage changes to risks and controls in a framework and sync changes to projects

  1. Create a framework.
  2. Define objectives, risks, and controls in the framework.
  3. Import framework controls to projects.
  4. Edit risks and controls in the framework.
  5. Sync changes in the framework with projects.
Initially build projects using a framework and then customize projects as needed

  1. Create a framework.
  2. Define objectives, risks, and controls in the framework.
  3. Import framework controls to projects.
  4. Add risks and controls to projects or edit risks or controls in projects, as required.
Build a master copy of risks and controls from multiple projects

  1. Create a framework.
  2. Import controls from projects to the framework.
  3. Add risks and controls to the framework or edit existing risks and controls in the framework, as required.

Tip

Importing controls from a project to a framework does not create an association between the project and framework, and allows you to efficiently populate your framework with relevant data.

Other best practices for using frameworks

There are a variety of strategies you can use to effectively make use of frameworks.

Example

Building projects using frameworks

Scenario

Previously, you created three projects that are all IT related:

  • IT General Controls Review
  • IT Compliance Issue Management
  • Cybersecurity Review

You recognize that there are similar controls that need to be set up within each project, and you want to be able to create one set of controls that can be used across all projects.

Process

You create a new framework called IT General Controls Framework, and you define the objectives, risks, and controls within the framework. Then, you import the controls from the framework into each project.

Result

The risks and controls in the framework are linked to the risks and controls in the projects. You can now either update the projects as needed, or ensure that updates made to risks and controls in a framework propagate to the appropriate projects by syncing projects with frameworks.

Permissions

Projects Admins, Project Creators, and users assigned the Professional Manager or Professional Users role within a framework can create frameworks and sync projects with frameworks.

Users assigned the Contributor Manager or Contributor Users role within a framework can edit all controls within an objective if they have been assigned objective owner, or specific controls if they have been assigned control owner on individual controls.

Create a framework

Note

Interface terms are customizable. Depending on your organization's settings, some terms may be different.

  1. From the Projects homepage, under Planning And Results, click Frameworks.
  2. Click Start a New Framework.
  3. Enter a name and description for the framework.
  4. Select a project type from the drop-down list.

    Ensure that you select a workflow (Internal Control or Workplan) that matches the workflow of the project you want to build. For more information, see Workflows and project types.

  5. Click Save.

    Result The new framework is created.

Next steps

Use this simple workflow to build a project using a framework: Frameworks quick start

[ Back to top ]

(C) ACL Services Ltd. All Rights Reserved. Friday, December 7, 2018