Control Management

1. Overview

The Camms Control module lets you identify the effectiveness of the existing controls within your organisation. The Controls module will enable controls to function independently, with no mandatory links to Risk. Controls will operate as a standalone module, which can be combined with Camms products such as Risk and Compliance.

The Camms Control module will include features such as:

  • A Control Register directly accessible from the left-hand navigation menu.

  • Link and monitor Controls to additional entities.

  • Add/edit/delete Controls against a Compliance record and assess the Control effectiveness against the linked record.

  • A dedicated Settings area for Controls where you can configure the Control Rating, Field Configuration, Custom Lists, Control Register Configurations, and Email Notifications.

  • Permissions to set granular level access to Controls.

  • Option to configure the Control Register as the default homepage.

2. Pre-conditions

  • Control Settings – To configure all Control Settings (Control Ratings, Field Configurations, Register Configurations, Custom Lists, and Notification Configurations), see article: Framework – Control Settings.

  • Control Register – To view all created Controls, see article: Workflow – Control Register.

3. Creating a Control

A Control can be created using the following three methods:

  • Control Register – Access the Control Register via the left-hand navigation menu or via Menu > Workspace > Control Register, and click on the + New button at the top of the page. This will direct you to the 'Control Details' page.

Figure 3.1
  • Left-hand Navigation Menu – In the left-hand navigation menu, click on the + add new icon and click Control. This will direct you to the 'Control Details' page.

Figure 3.2
  • Control Record Grid – Access a Risk record and within a Risk Assessment tab, click the Add New button in the under the section where Controls are listed. This will direct you to the 'Controls Record Detail' page in a popup window.

4. Control Details

Control Details can be added into the system independently when done via the Control Register or the Left-hand Navigation Menu as detailed above.

4.1 Control Details Tab

The Control Detail tab will let you input details of your organisation's control details. Fill in all mandatory details and click Save at the top of the page to save details into the system.

Field name

Description

Field name

Description

Status

Select from a dropdown if the control is Active or Inactive.

Control Type

Select from a dropdown the control type.

Control Title

Enter a control title.

Control Owner

Select from a staff dropdown the control owner.

Control Owner Rating

Select from a dropdown one of the control ratings setup for your organisation.

Executive Team

Select from a staff dropdown the executive team.

Control Authoriser Rating

Select from a dropdown one of the control ratings setup for your organisation.

Control Review Date

Set up a control review date from the date picker.

Control Next Review Date

Set up the next review date from the date picker.

Control Comment

Enter a comment for the control.

Organisational Links

Select an organisational link for the control, if this is setup for your organisation.

  • Once details have been saved in the Control Detail page, click on the Documents tab at the top of the page or the 'Documents' link at the bottom of the page to fill in any documents related to the control.

4.2 Documents Tab

The Documents tab will let you upload a document or attach a link to the created Control.

Note: The Documents tab will be displayed, only if it is enabled via the 'Field Configuration' page accessed via Menu > Framework > Control Settings > Field Configuration. See article Framework – Control Settings under title 'Documents Tab' in the 'Field Configuration' section for details on setting this up.

  • STEP 1: Access the Control you wish to add documents to, go to the 'Documents' tab, and click on the Add New button.

STEP 2: Fill in a 'Name' and 'Description' for the document, and select the Type of document as Document or URL.

  • If Document: Click on the Upload Documents button to select a document to be uploaded.

Notes: 

  • Please note the document to be uploaded must not be greater than 10MB.

  • File types permitted to be uploaded: .png, .jpg, .jpeg, .gif, .bmp, .pdf, .doc, .docx, .ppt, .pptx, .xls, .xlsx, .xlsm, .epub, .odt, .ods, .txt, .msg, .csv, .mpp, .vsd, .vsdx, .eml, .pub, .ecd, .tr5, .obr, .rar, .zip, .7z, .mp4, .mov, .avi, .wav, .mp3, .mpeg

  • File types not permitted to be uploaded: .exe, .bat, .cmd

If URL: Enter the link of the URL.

  • STEP 3: Click Save to save details and add the document.

  • STEP 4: If you wish to download any documents that were uploaded as attachments:

    • Select the documents you wish to download.

    • Click on the Download button.

    • All documents having attachments in it will be downloaded.

  • STEP 5: If you wish to edit or delete a document:

    • Click on the Edit or Delete button next to the document.

    • To edit, make changes to the document and click Save.

    • To delete, click Yes to confirm deletion of the document.

The Links tab will let you link a created Control to other entities.

Note: The Links tab will be displayed, only if it is enabled via the 'Field Configuration' page accessed via Menu > Framework > Control Settings > Field Configuration. See article Framework – Control Settings under title 'Links Tab' in the 'Field Configuration' section for details on setting this up.

The below entities are available to link to, if they have been enabled for your organisation:

  • Hierarchy

  • Risk

  • Risk Action

  • Compliance

  • Policy

  • Authority Document

  • Incident

  • Audit

  • Recommendation

  • Audit Finding

  • KPIs/KRIs

To create a linkage of a Control to an entity:

  • STEP 1: Access the Control you wish to add a linkage, go to the 'Links' tab, and click on the Add New button.

  • STEP 2: In the 'Create a New Linkage' dropdown, select an entity to link to. Based on your entity selection, your options will vary as follows:

    • Hierarchy – Select a one or more 'Hierarchy links' from the list of hierarchies your organisation is setup for.

    • Risk – Select a 'Risk Type' from the dropdown and select from the filtered Risk records.

    • Risk Action/Treatment – Select from a list of Actions/Treatments.

    • Compliance/Obligations – Select from a list of Compliance records/Obligations.

    • Policy – Select from a list of Policies. 

    • Authority Document – Select from a list of Authority Documents.

    • Incident – Select from a list of Incidents.

    • Audit – Select from a list of Audit records.

    • Recommendation – Select from a list of Audit Recommendations.

    • Audit Finding – Select from a list of Audit Findings.

    • KPIs/KRIs – Select from a list of KPIs/KRIs.

  • STEP 3: Click Save to save your linkage details.

  • STEP 4: Once added, the linkages will be displayed in a grid, grouped by the entity type. You can remove any linkages from here, by clicking on the Delete button next to a linkage.

5. Control Record Details

Control Details can be attached to a Risk record and added into the system within the Camms.Risk module within the Risk Assessment tab in the Control Record Grid. Control Details will be listed in the Risk Assessments tabs when it's been added as a linkage via the Control module as well (see title Links tab in the section above this).

5.1 Adding a Control Record Detail

To add new Controls within a Risk record in the Control Record Grid:

  • STEP 1: Access a Risk record, in the Risk Assessment tab, scroll down to the Controls section, and click on the Add New button.

  • STEP 2: Fill in the control record details and click Save.

  • STEP 3: You can then click on the added Control Record Link in the Control Record Grid or the Edit button next to a record and add more details such as Actions, Documents, and/or Links.

  • STEP 4: Add more details and click the Save button at the bottom of the popup window to save details.

To link Controls from the Control Library within a Risk record in the Control Record Grid:

  • STEP 1: Access a Risk record, in the Risk Assessment tab, scroll down to the Controls section, and click on the Select from Control Library button.

  • STEP 2: In the popup window, link the required controls from the list by clicking on the checkboxes next to the controls you wish to add, and click Save to link the Risk record and maintain it independently (uniquely) for that Risk.