> For the complete documentation index, see [llms.txt](https://docs.cerrix.com/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://docs.cerrix.com/cerrix-functionalities/module-overview.md). # Module Overview CERRIX modules work together in one operating model. Risks define exposure. Controls mitigate it. Testing validates it. Incidents, audits, and reviews surface issues. Measures of Improvement close the loop. Use this page to choose the right module and jump to the detailed guides. ### Modules at a glance #### Risks Use **Risks** to register, score, and monitor your risk landscape. * Create risks, assign owners, and link business and framework dimensions. * Score gross and net risk, then connect mitigating controls. * Use AI to refine descriptions or extract risks and controls from source documents. Start with [Risks](/cerrix-functionalities/module-overview/risks.md), [AI Risk Description Refinement](/cerrix-functionalities/module-overview/risks/ai-risk-description-refinement.md), [Budget-based Risk Scoring](/cerrix-functionalities/module-overview/risks/budget-based-risk-scoring.md), and [AI Document Extraction](/cerrix-functionalities/module-overview/risks/ai-document-extraction.md). #### Controls Use **Controls** to document how risks are mitigated and how controls operate. * Create controls from scratch or from the control catalogue. * Link controls to risks, processes, frameworks, documents, and hyperlinks. * Run D\&I testing, advanced effectiveness testing, and execution-based testing. Key guides include [Controls](/cerrix-functionalities/module-overview/controls.md), [Design & Implementation (D\&I) Testing](/cerrix-functionalities/module-overview/controls/design-and-implementation-d-and-i-testing.md), [Control Advanced Effectiveness Testing](/cerrix-functionalities/module-overview/controls/control-advanced-effectiveness-testing.md), [Execution-Based Control Testing](/cerrix-functionalities/module-overview/controls/control-advanced-effectiveness-testing/execution-based-control-testing.md), [Control Execution Tasks](/cerrix-functionalities/module-overview/controls/control-execution-tasks.md), [Randomizer](/cerrix-functionalities/module-overview/controls/control-advanced-effectiveness-testing/randomizer.md), [Control Catalogue](/cerrix-functionalities/module-overview/controls/control-catalogue.md), and [AI Control Description Refinement](/cerrix-functionalities/module-overview/controls/ai-control-description-refinement.md). #### Incidents Use **Incidents** to capture, assess, investigate, and close operational or compliance incidents. * Configure incident types, classifications, custom fields, and notifications. * Create incidents, route them through workflow stages, and manage them from the workspace. * Link incidents to risks, controls, and improvement actions for full traceability. Start with [Incidents](/cerrix-functionalities/module-overview/incidents.md), [Incidents Standing Data & Emails](/cerrix-functionalities/module-overview/incidents/incidents-standing-data-and-emails.md), [Creating a New Incident](/cerrix-functionalities/module-overview/incidents/creating-a-new-incident.md), [Incidents Workflow](/cerrix-functionalities/module-overview/incidents/incidents-workflow.md), and [Incidents Workspace](/cerrix-functionalities/module-overview/incidents/incidents-workspace.md). #### Business Improvement Management Use **Business Improvement Management** to track findings and corrective actions through to closure. * Create Measures of Improvement from risks, controls, incidents, test plans, and findings. * Assign responsibilities, deadlines, evidence, reviews, and closure steps. * Record findings reports, assessments, and linked follow-up actions in one place. Start with [Business Improvement Management](/cerrix-functionalities/module-overview/business-improvement-management.md), [Measures of Improvement (MoI's)](/cerrix-functionalities/module-overview/business-improvement-management/measures-of-improvement-mois.md), and [Findings Report](/cerrix-functionalities/module-overview/business-improvement-management/findings-report.md). #### Data Management Use **Data Management** to document processing activities and support GDPR governance. * Register purposes, legal bases, retention periods, and data subjects. * Link risks, controls, and third-party processors to each activity. * Maintain a central record for reviews, audits, and regulatory reporting. Start with [Data Management](/cerrix-functionalities/module-overview/data-management.md). #### Third Party Management Use **Third Party Management** to govern vendors, contracts, reviews, and processor relationships. * Register vendors and criticality. * Track review schedules, scores, contracts, and renewals. * Link third parties to risks, controls, MoIs, and data processing records. Start with [Third Party Management](/cerrix-functionalities/module-overview/third-party-management.md). #### Key Risk Indicators (KRI's) Use **Key Risk Indicators** to manage indicator-based monitoring as part of your broader risk and assurance model. Start with [Key Risk Indicators (KRI's)](/cerrix-functionalities/module-overview/key-risk-indicators-kris.md). #### Audit Use **Audit** for audit-related records and supporting audit material in your environment. Start with [Audit](/cerrix-functionalities/module-overview/audit.md). #### Process Management Use **Process Management** to map process flows and export linked governance context. * Print the process graph by itself. * Include linked risks, controls, events, and MoIs in exports. * Use process views to show what is and is not linked to process steps. Start with [Process Management](/cerrix-functionalities/module-overview/process-management.md). #### Business Assessment Use **Business Assessment** to review one business dimension within one organisational scope. * Combine process, risk, control, incident, MoI, KRI, and third-party insight. * Configure reviewers, review frequency, and supporting evidence. * Create a structured assurance view for management and process owners. Start with [Business Assessment](/cerrix-functionalities/module-overview/business-assessment.md). --- # Agent Instructions This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com. ## Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.cerrix.com/cerrix-functionalities/module-overview.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.