Control Advanced Effectiveness Testing
Control Effectiveness Testing ensures that controls are functioning as intended to mitigate risks. This process involves multiple steps to validate design and operational effectiveness.
Steps for Effectiveness Testing
Step 1: Source Document Uploader
Navigate to the test plan in the Controls module.
Click Upload Source Document.
Drag and drop files or browse to upload relevant documents.
Optionally, add a description for the uploaded file.
Step 2: Generating Samples
Choose a sampling method:
By Number: Generate samples based on a predefined count.
By Date: Use a date range to generate samples.
By Spreadsheet: Upload a spreadsheet and configure sample generation.
Step 3: Uploading Evidence
Upload evidence for each sample.
Mark samples without evidence and provide a reason in the comments.
Step 4: Testing
Assess each sample and document findings.
Provide scores and comments for each test step.
Step 5: Reviewer Step
The reviewer assesses the results, provides feedback, and confirms the final outcome.
Best Practice: Ensure all required documents are uploaded before moving to the next step.
Control Description Snapshot
When a test plan is closed, CERRIX automatically creates a snapshot of the control description as it was at that moment.
This snapshot ensures that the historical context of the control is preserved, even if the control description is updated later on. When you open a Control Advanced Effectiveness Test Plan after it has been closed, this snapshot is displayed instead of the current control description.
The date displayed next to the control description indicates when the snapshot was taken.
Control Effectiveness Testing Roles, Rights and Permissions
You can find an overview of the different roles, rights and permission for controls in this handy overview:
Last updated