Compliance Home page for the compliance manager

  • Release version: Xanadu
  • Updated January 30, 2025
  • 2 minutes to read
    • Summarize
    Summarized using AI
    This content was generated using new OpenAI-powered functionality. Results are provided on an as is basis and are not guaranteed to be accurate or complete.

    Summary of Compliance Home page for the compliance manager

    The Compliance Manager Home page in the Compliance Workspace provides a comprehensive overview of an organization’s compliance posture. It allows compliance managers to manage internal policies and control processes in alignment with external regulations. This functionality is crucial for various user personas such as corporate compliance managers, IT compliance managers, and compliance analysts, who ensure adherence to organizational and industry standards.

    Show full answer Show less

    Key Features

    • Compliance Tracking: Review authority documents, policies, and their compliance status.
    • Task Management: Monitor compliance tasks including controls, attestations, and overdue tests.
    • Document Creation: Create and manage authority documents, policies, control objectives, and more.
    • Prioritization: Tasks are listed starting from the least compliant, allowing for immediate action on critical issues.
    • Issue Tracking: Access detailed issue information from the "Issues Overview" section.

    Key Outcomes

    By utilizing the Compliance Manager Home page, compliance managers can effectively ensure all policies and regulations are followed, manage tasks efficiently, and prioritize compliance efforts based on real-time data. Furthermore, to achieve a holistic view, additional GRC plugins must be installed, such as Audit Management, Regulatory Change Management, and Privacy Management, each requiring specific user roles for access to certain widgets.

    The compliance manager home page in the Compliance Workspace gives a complete overview of the compliance posture of the organization. The workspace helps the compliance manager to centrally manage internal standards, policies, and control processes that match the external regulatory standards.

    Compliance manager most often reports to a compliance director and ensures that the company complies with organizational and industrial regulations and standards.

    The user persona may vary across organizations, however, a corporate compliance manager, IT compliance manager, compliance manager, or compliance analyst, depending on the organizational structure, can be tasked with ensuring that the organization is complying with policies and regulations.

    Responsibilities of a compliance manager

    The compliance manager must
    • Ensure that all policies and regulations are being followed.
    • Create and maintain policies up to the level of defining and applying controls.
    • Approve and track policy exceptions.
    • Manage the team appropriately.

    Compliance Workspace for compliance manager tasks

    To fulfil the above responsibilities, a compliance manager has certain daily and weekly functional tasks that can be performed in the compliance workspace.

    Figure 1. Compliance manager workspace
    Compliance manager workspace.
    • Use the Overview section to review the authority documents, policies, and entities and know their compliant status. Get the list of least compliant authority documents, policies, and entities, and their compliance score.
    • Review compliance tasks such as controls, control attestations, indicator tasks, ongoing and overdue control test count in the control assurance section.
    • Monitor and analyze new key controls and track the performance of existing controls.
    • Identify past due tasks and inadequate remediation strategies.
    • Get an overview of all your compliance tasks – pending tasks and group's tasks.
    • Track the changes done to the authority documents, regulations, and policies.

    As a compliance manager, you can create authority documents, citations, policies, control objectives, controls, indicator tasks, acknowledgement campaigns, policy exceptions, and engagements.

    To help the compliance manager attend to tasks that need immediate action, the compliance records in the overview section are listed in an order starting from the least compliant ones. The data displayed for control tests, indicators, and attestations in the control assurance section help the compliance manager to prioritize the tasks as well. Tracking of acknowledgement campaigns and policy exceptions can be managed effectively.

    Note:
    To track the issues the compliance manager can access the issue details from the "Issues Overview" section.

    Other GRC plugins for an overall view

    As the compliance manager requires an overall view of all compliance tasks, they can view the privacy management and regulatory change management application domains as well in the compliance manager home page. However, you require the following plugins to be installed for certain widgets to be displayed on the home page.
    • GRC: Audit Management for the control tests widget in the Control assurance section.
    • GRC: Regulatory Change Management for the Regulatory changes widget in the Tracking section. The logged in user must also have the RCM manager role (sn_grc_reg_change.manager).
    • GRC: Privacy Management for the Domain compliance status section. The logged in user must also have a privacy manager role (sn_privacy.manager).