Any user with permission to create or edit a business process can create a control. If the control ownership is enabled and a user has permission, a control owner can be assigned to a control. Controls can be created when a process is created, or added later as risks are identified and controls for those risks are required. Once a control has been documented, users can view the control and its values, description, comments, and documentation history.
You can specify that a control can be related to a specific risk in the same business process, using the Related Risks feature. Also, a control can be related to another control through the Related Controls feature on a Control page. This enables you to specify the type of relationship between controls (such as one control is a secondary control to another control).
One or more controls should exist for each documented risk in a business process.
In order to create a control for a business process, carry...