Working with controls
A control is a planned action or mechanism used to mitigate risk within your organization. Implementing controls reduces the likelihood and impact of risks, helping to ensure business continuity and effective risk management.
Adding a control
To add a control:
-
From the Launchpad home page (www.diligentoneplatform.com), select the Risk Manager app to open it.
If you are already in Diligent One, you can use the left-hand navigation menu to switch to the Risk Manager app.
Note
Diligent One Platform also supports the domain www.highbond.com. For more information, see Supported domains.
- Go to the Controls tab and then select + Add Control.
The Add Control panel opens.
- In the Add Control panel, enter a name for the control.
- Provide any additional details, and then select one of the following:
- Add Control to save the control and close the panel.
- Save & Add New to save the control and add another control.
The control is created.
- (Optional) To view or edit additional details, select the control name to open the control details page.
Adding or updating the owner of a control
To add or update the owner of a control:
-
From the Launchpad home page (www.diligentoneplatform.com), select the Risk Manager app to open it.
If you are already in Diligent One, you can use the left-hand navigation menu to switch to the Risk Manager app.
Note
Diligent One Platform also supports the domain www.highbond.com. For more information, see Supported domains.
- Select the Controls tab.
- From the control list, select the name of the control you want to update.
The Details tab opens.
- In the Control Owner field, select a user and then select Save Changes.
The control is assigned to the selected user. An email notification is automatically sent to the assigned user.
Moving a control through different workflows
After creating a control, you can advance it through different workflow states based on your requirements. Some workflow states may require specific fields to be completed. Make sure the required information is filled in before advancing the control.
To move a control from Draft to Identification state:
-
From the Launchpad home page (www.diligentoneplatform.com), select the Risk Manager app to open it.
If you are already in Diligent One, you can use the left-hand navigation menu to switch to the Risk Manager app.
Note
Diligent One Platform also supports the domain www.highbond.com. For more information, see Supported domains.
-
Go to the Control tab, and select the name of the control you want to update.
The detailed control page opens with the Details tab.
- Enter the information about the control, including the ID, description, and owner.
- Select Save Changes.
- In the top-right corner, select Identify.
The workflow status changes to Identification.
Note
You can follow the steps above to move the control through the remaining workflow states as needed.
Linking a control to different objects
A control is associated with various assets and other library objects across your organization. Establishing these links provides context for the control and enables you to understand its impact on the related objects.
To link a control to different objects:
-
From the Launchpad home page (www.diligentoneplatform.com), select the Risk Manager app to open it.
If you are already in Diligent One, you can use the left-hand navigation menu to switch to the Risk Manager app.
Note
Diligent One Platform also supports the domain www.highbond.com. For more information, see Supported domains.
-
Select the name of the control you want to work with.
The detailed control page opens with the Details tab.
- Navigate to the Relationship tab and do the following based on what you want to link:
- To link a risk:
- Select Link risks.
In the Link risks dialog box:
- Select the type of risk and the specific risk.
- Select Link risks.
The risk is now linked to the control.
- To link an asset:
- Select Link assets.
In the Link assets dialog box:
- Select the type of asset and the specific asset.
- Select Link assets.
The asset is now linked to the control.
- To link a control assessment:
- Select Link control assessments.
In the Link control assessments dialog box:
- Select the type of control assessment and the specific assessment.
- Select Link control assessments.
The control assessment is now linked to the control.
- To link a risk:
Note
- Use the same process to link the control to library objects such as other controls, processes, and objectives, if those object types are configured in your Risk Manager instance.
- On the home page, you can link objects by expanding the control row and selecting Add Relationship. This option is available only if the control is not already linked to an object.
- When you link a control to another object, a bidirectional link is created. For example, when you link a risk to a control, the relationship is visible in the Relationship tab of both, the risk and the control. If the links are not displaying correctly, contact Support for assistance.
Unlinking a control from other objects
You can remove existing relationships between a control and associated assets or other library objects.
To unlink a control from other objects:
-
From the Launchpad home page (www.diligentoneplatform.com), select the Risk Manager app to open it.
If you are already in Diligent One, you can use the left-hand navigation menu to switch to the Risk Manager app.
Note
Diligent One Platform also supports the domain www.highbond.com. For more information, see Supported domains.
-
Select the control you want to work with.
The detailed control page opens with the Details tab.
- Go to the Relationship tab, and select the unlink icon
next to the object that you want to unlink. - In the Unlink relationship dialog box, select Unlink Object.
The object is removed from the control.
Associating a control with an organizational unit
You can associate a control in Risk Manager with one or more organizational units. These units constitute the foundation of the enterprise, linking diverse organizational entities across different company segments. This hierarchy also stores departmental and business unit details.
To associate a control with an organizational unit:
-
From the Launchpad home page (www.diligentoneplatform.com), select the Risk Manager app to open it.
If you are already in Diligent One, you can use the left-hand navigation menu to switch to the Risk Manager app.
Note
Diligent One Platform also supports the domain www.highbond.com. For more information, see Supported domains.
-
Under the Control tab, select the name of the control you want to update.
The control details page is displayed.
-
In the Details tab, in the Related Org Unit field, search for and select one or more preconfigured organizational units you want to associate with the control.
-
Select Apply Selection.
-
Select Save Changes.
The control is updated. On the Risk Manager home page, under the Control tab, you can view the associated organizational unit in the Org Unit column.
Note
-
The organizational unit hierarchy is preconfigured by the System Admins in your organization. For more information about the hierarchies in the organizational structure, contact your System Admin.
-
If you are a System Admin, navigate to Platform Settings and select Org Structure, to view and manage the list of preconfigured organizational units. To learn more about organizational units, see Organizational Structure.
-
Creating a control assessment
Control assessments help evaluate the effectiveness of a control in reducing risk. Assessments are generated based on the control’s relationship with other objects.
To create a control assessment:
-
From the Launchpad home page (www.diligentoneplatform.com), select the Risk Manager app to open it.
If you are already in Diligent One, you can use the left-hand navigation menu to switch to the Risk Manager app.
Note
Diligent One Platform also supports the domain www.highbond.com. For more information, see Supported domains.
-
Under the Control tab, select the control for which you want to create a control assessment.
-
On the Control Details page, go to the Control Assessment tab.
-
Select Add Control Assessment.
-
In the Add Control Assessment dialog box:
- Enter a name for the control assessment.
- Select Add Control Assessment.
-
On the Control Assessments Details page, do the following:
-
Provide a reference ID and add a description.
-
Assign an owner for the risk assessment.
-
(Optional) Select an organizational unit.
-
-
Select Save changes. The control assessment is created and an email is sent to the assessment owner with the link to the assigned assessment.
Assessing a control
After a control is created and identified, you can assess it by analyzing the effectiveness of the control.
To assess a control:
- Log in to Diligent One using the link in the email that you receive. The Risk Manager app opens.
-
On the Control Assessments details page, do the following:
-
Select values for Impact and Likelihood.
-
Choose an inherent risk score from the drop-down list.
-
-
Select Save Changes, to update the control assessment.
Assessments are generated based on objects linked to the control.
Deleting a control
To delete a control:
-
From the Launchpad home page (www.diligentoneplatform.com), select the Risk Manager app to open it.
If you are already in Diligent One, you can use the left-hand navigation menu to switch to the Risk Manager app.
Note
Diligent One Platform also supports the domain www.highbond.com. For more information, see Supported domains.
-
Select the control you want to delete.
The detailed control page is displayed.
- In the top-right corner, select More options
and then select Delete. - In the confirmation dialog box, select Delete.
The control is deleted.
