Compliance request workflow

  • Release version: Xanadu
  • Updated August 1, 2024
  • 2 minutes to read
    • Summarize
    Summarized using AI
    This content was generated using new OpenAI-powered functionality. Results are provided on an as is basis and are not guaranteed to be accurate or complete.

    Summary of Compliance request workflow

    The Compliance Request Workflow in the GRC: Compliance Case Management application enables organizations to efficiently raise and manage compliance requests. This structured process ensures that compliance requests are handled methodically by the compliance team, improving the effectiveness and timeliness of compliance activities.

    Show full answer Show less

    Key Features

    • Raising Requests: Business users or compliance teams can submit compliance requests through the Employee Center or Compliance Workspace applications.
    • Triage: Assigned request analysts evaluate the validity of each request to ensure only relevant and valid requests proceed in the workflow.
    • Working on Requests: Analysts assess eligibility, gather supporting documentation (such as policies, controls, citations, and control objectives), and can approve or reject the request. Stakeholder approvals can be sought as needed.
    • Awaiting Approval: Requests are reviewed and either approved or rejected. Approval workflows can involve multiple approvers, and the “Any Approvers” option allows closure upon any single approval or rejection.
    • Cancellation: Requests can be canceled at any stage (Triage, In Progress, Awaiting Approval) if deemed not to be compliance-related, with justifications communicated to the requester.
    • Closure: Once fully processed, approved, or rejected, requests are closed, signaling that no further action is required.

    Key Outcomes

    • Streamlined processing of compliance requests ensures that only valid and relevant cases are addressed.
    • Clear stages provide transparency and control over request handling, from initiation to resolution.
    • Flexible approval workflows accommodate multiple stakeholders, enhancing collaboration and accountability.
    • Ability to cancel inappropriate requests early reduces unnecessary workload on compliance teams.
    • Final closure confirms that compliance requests are fully resolved, maintaining accurate compliance records.

    Use the request workflow in the Compliance Case Management application to raise and manage compliance requests within an organization. By using this workflow, your compliance requests are addressed effectively and efficiently by your compliance team.

    The following diagram shows the workflow of a compliance request in the GRC: Compliance Case Management application.

    Figure 1. GRC: Compliance Case Management workflow
    Workflow of a compliance request.
    The different stages of a compliance request are described as follows:
    • Raise a compliance request
    • Triage the compliance request
    • Working on a compliance request
    • Awaiting request approval
    • Cancel a compliance request
    • Close a compliance request

    Raise a compliance request

    A business user or a compliance team can raise a compliance request in the Employee Center application. Compliance case team can raise requests in the Compliance Workspace application. For more information, see Raising a compliance request in GRC: Compliance Case Management.

    Triage the compliance request

    After a compliance request is raised, the compliance team assigns a request analyst to work on the case. The request analyst then triages the case from a validity standpoint. By conducting this evaluation, the request analyst ensures that only the valid and relevant requests proceed further in the compliance process. After the request analyst verifies the request as valid, the request moves to the In progress state.

    Working on a compliance request

    In the In progress stage, the request analyst determines all the requirements for the raised request. The request analyst verifies the eligibility of the request and identifies any supporting documents, such as the policies, controls, citations, and control objectives that are related to the request. The case analyst can approve or reject the compliance request. If necessary, the analyst can seek approvals from the various stakeholders.

    Awaiting request approval

    After the request has been reviewed, it reaches this stage where a decision is made regarding its approval or rejection. This stage involves evaluating the raised request. If the request meets the necessary criteria, it’s approved. Otherwise, it may be rejected with the justifications provided to the requester. Requests can be sent for approval to multiple users and can be approved or rejected by any one of them. The Any Approvers option enables the request to be closed as soon as it receives an approval or rejection from any of the assigned approvers. For more information, see Create an approval workflow.

    Cancel a compliance request

    In this stage, a request may need to be canceled if it isn't a compliance request. A request can be canceled with the justifications provided to the requester. A request can be canceled at any stage, including Triage, In Progress, and Awaiting Approval states.

    Close a compliance request

    After a compliance request is fully processed and approved or rejected, it enters the Closed stage. This stage indicates that all the necessary actions that are related to the request have been taken. The request is considered resolved, and no further actions are required.