Thanks team !! Very precise and brief on the Control Test process. Although you highlight the common mistakes on the usage especially "Attestation" and others, there are different approaches followed on the typical Compliance Management aspects. As a Compliance analyst 1. Not sure, should you perform Self Assessment first before Attestation by Owner 2. Await for Attestations and then carry out Self Assessments to check the design and operating effectiveness. 3. And let External Auditors perform the testing and sign off. Do you recommend any other prerequisites like, Scoping list of Controls to be Tested, Sample based testing/Pen testing etc. Any other material indicating the step by step guide what happens in typical Compliance Management in ServiceNow
Thanks team !! Very precise and brief on the Control Test process. Although you highlight the common mistakes on the usage especially "Attestation" and others, there are different approaches followed on the typical Compliance Management aspects. As a Compliance analyst
1. Not sure, should you perform Self Assessment first before Attestation by Owner
2. Await for Attestations and then carry out Self Assessments to check the design and operating effectiveness.
3. And let External Auditors perform the testing and sign off.
Do you recommend any other prerequisites like, Scoping list of Controls to be Tested, Sample based testing/Pen testing etc.
Any other material indicating the step by step guide what happens in typical Compliance Management in ServiceNow