Roles and permissions
The following users can access the audit controls tab:
Anyone who is a member of the audit can view the controls tab.
The following users can edit data on the audit controls tab:
Auditors who are members of the audit with an auditor role.
The Controls tab on an audit is used by auditors to record control testing processes and results and by other Hyperproof users to monitor the status of those tests. Auditors have an expanded view that is confidential and not available to other Hyperproof users.
Audit controls tab - All users
All audit members can view the following fields on the audit Controls tab.
Audit controls tab fields - All users
Fields/Options | Definition |
Activity feed  | Opens the audit activity feed. |
Settings  | Opens the Settings window where you can add, remove, or reorganize the columns in the grid. |
ID | ID of the control being tested. If the control has a control scope, the control scope ID is included after the control ID, separated by an underscore (_). For example, if the ID is ASB-300 _Buenos Aires, the control ID is ASB-300, and the control scope ID is Buenos Aires. Only the controls linked to audit requests are listed. |
Name | Name of the control being tested. |
Description | Description of the control being tested. This field is populated based on the information in the control itself. |
Control owner | Manager of the control responsible for ensuring that the control is kept updated. |
Testing status | Overall status of the testing for the control. There may be multiple tests within this single record. Testing statuses include:
|
Audit controls tab - Auditors only
Auditors with the Auditor role for the audit can view and edit the following fields on the audit Controls tab grid.
Audit controls tab grid fields - Auditors
Field/Option | Definition |
Activity feed  | Opens the audit activity feed. |
Settings  | Opens the Settings window where you can add, remove, or reorganize the columns in the grid. |
ID | ID of the control being tested. If the control has a control scope, the control scope ID is included after the control ID, separated by an underscore (_). For example, if the ID is ASB-300 _Buenos Aires, the control ID is ASB-300, and the control scope ID is Buenos Aires. Only the controls linked to audit requests are listed. |
Name | Name of the control being tested. |
Description | Description of the control being tested. This field is populated based on the information in the control itself. |
Control owner | Manager of the control responsible for ensuring that the control is kept updated. |
Testing status | Overall status of the testing for the control. There may be multiple tests within this single record. Testing statuses include:
|
Actions | Click the pencil icon in the Actions column to open the testing details for a control. |
When you click the pencil icon in the Actions column, a details panel opens for the selected control. In this panel, you can record information about the tests you have performed.
Audit controls tab details - Auditor
Field | Definition |
Title | Displays the control ID and name. |
Description | Description of the control being tested. This field is populated based on the information in the control itself. |
Testing status | Use this field to set the overall testing status for the control. Keep in mind that you may record the results of several tests in this single window. |
Notes | Enter general notes about the control and associated tests. |
+New test | Add new test rows to the Audit Testing table, describing the tests to be conducted. |
Audit Testing | This table contains the information for individual tests in the following fields:
|