Compliance Home page for the compliance manager
Summary of Compliance Home page for the compliance manager
The Compliance Home page within the Compliance Workspace provides compliance managers with a centralized and comprehensive view of their organization's compliance posture. It enables management of internal standards, policies, and control processes aligned with external regulatory requirements. Compliance managers—who may hold titles such as corporate compliance manager, IT compliance manager, or compliance analyst—are responsible for ensuring adherence to organizational and industry regulations.
Responsibilities of a Compliance Manager
- Ensure all policies and regulations are followed.
- Create, maintain, and apply policies and controls.
- Approve and track policy exceptions.
- Effectively manage the compliance team.
Compliance Workspace Features for Compliance Managers
The workspace supports daily and weekly compliance tasks, including:
- Overview Section: Review authority documents, policies, and entities along with their compliance statuses, focusing on the least compliant items first.
- Control Assurance Section: Manage and prioritize tasks related to controls, control attestations, indicator tasks, and monitor ongoing and overdue control tests.
- Monitor new and existing key controls and analyze their performance.
- Identify overdue tasks and insufficient remediation efforts.
- Track pending tasks and those assigned to groups.
- Review changes made to authority documents, regulations, and policies.
- Create and manage compliance artifacts such as authority documents, citations, policies, control objectives, controls, indicator tasks, acknowledgment campaigns, policy exceptions, and engagements.
- Track acknowledgment campaigns and policy exceptions effectively.
- Access detailed issue tracking through the "Issues Overview" section.
Integration with Other GRC Plugins
For a holistic compliance management experience, the Compliance Home page supports integration with additional Governance, Risk, and Compliance (GRC) plugins:
- Audit Management: Required for the control tests widget in the Control Assurance section.
- Regulatory Change Management: Enables the Regulatory Changes widget; requires the user to have the RCM manager role.
- Privacy Management: Supports the Domain Compliance Status section; requires the privacy manager role.
These integrations allow compliance managers to gain an overall view of compliance tasks across privacy, audit, and regulatory domains directly from the home page.
The compliance manager home page in the Compliance Workspace gives a complete overview of the compliance posture of the organization. The workspace helps the compliance manager to centrally manage internal standards, policies, and control processes that match the external regulatory standards.
The compliance manager most often reports to a compliance director and ensures that the company complies with organizational and industry regulations and standards.
The user persona may vary across organizations. Depending on the organizational structure, a corporate compliance manager, IT compliance manager, compliance manager, or compliance analyst can be tasked with ensuring that the organization complies with policies and regulations.
Responsibilities of a compliance manager
- Ensure that all policies and regulations are being followed.
- Create and maintain policies up to the level of defining and applying controls.
- Approve and track policy exceptions.
- Manage the team appropriately.
Compliance Workspace for compliance manager tasks
To fulfil the above responsibilities, a compliance manager has certain daily and weekly functional tasks that can be performed in the compliance workspace.
- Use the Overview section to review the authority documents, policies, and entities and see their compliance status. Get the list of least compliant authority documents, policies, and entities, and their compliance score.
- Review compliance tasks such as controls, control attestations, and indicator tasks, along with the ongoing and overdue control test counts, in the Control assurance section.
- Monitor and analyze new key controls and track the performance of existing controls.
- Identify past due tasks and inadequate remediation strategies.
- Get an overview of all your compliance tasks, both pending tasks and your group's tasks.
- Track the changes made to the authority documents, regulations, and policies.
As a compliance manager, you can create authority documents, citations, policies, control objectives, controls, indicator tasks, acknowledgement campaigns, policy exceptions, and engagements.
To help the compliance manager attend to tasks that need immediate action, the compliance records in the Overview section are listed starting with the least compliant ones. The data displayed for control tests, indicators, and attestations in the Control assurance section also helps the compliance manager prioritize tasks. Acknowledgement campaigns and policy exceptions can be tracked effectively as well.
Other GRC plugins for an overall view
- GRC: Audit Management for the control tests widget in the Control assurance section.
- GRC: Regulatory Change Management for the Regulatory changes widget in the Tracking section. The logged-in user must also have the RCM manager role (sn_grc_reg_change.manager).
- GRC: Privacy Management for the Domain compliance status section. The logged-in user must also have the privacy manager role (sn_privacy.manager).