Control Framework

AL Refs: MOC04, MOC06, GOV30, GOV32


The Control Framework is the specific control activities that have been identified, logged and are required to be maintained to mitigate the risks, support the company objectives, satisfy compliance obligations and provide a record of performance for any required audits to be conducted.

Example Control Framework

Note: This is an extract from AssuranceLab’s readiness assessment software. We recommend conducting your initial identification, mapping and documentation of your control framework using our software. This provides an automated, tailored and comprehensive (covering several standards, as selected) approach to generating your initial control framework that can then be reviewed and updated over time. This can be imported into Compliance Platforms like Tugboat Logic, GRC software like ZenGRC, or into Confluence, Notion, Excel, as desired.

Screen Shot 2022-08-16 at 12.40.17 pm