If you are staring out on your compliance journey, you can map and create a full set of internal controls with one-click in the C1Risk platform. Here is how.
Applicability: Establish which controls are applicable/in scope for compliance in C1Risk
The value of your assets and their impact to the organization - actively or when compromised - is a critical factor in the development of your risk and compliance program. Asset value informs inherent risk on the C1Risk platform and can be tracked against a single or related assets. C1Risk provides multiple templates for impact analysis, ranging from simple scoring, CIA ratings, and specific business line impact, or you can configure your own. Learn how to do your asset impact analysis here.
Cybersecurity Obligations - Regulations - Standards - Crosswalks
Learn two approaches to selecting controls in scope for compliance and how to quickly create your Statement of Applicability on the C1Risk platform.
This helps you write and implement internal controls for your company. Who, what, when is an internal control? Find out here.
See how we use crosswalks to help you consolidate and map your Internal Controls and streamline compliance.
Learn how to quickly set up Internal Audit on the C1Risk platform and create your audit plans, programs, test results (workpapers), and add findings to build your dashboard or export reports into PDF files for distribution. Internal Audit made easy and efficient on the C1Risk Platform.
General users and vendors have access to a task list in the C1Risk platform where they can view all of their active tasks and begin working.
Policies, controls and evidence can be mapped to regulations and standards and easily viewed in your GRC Library with C1Risk.
Control tests can be added from internal controls in C1Risk, and findings can be added to support test results to mitigate risk.
External auditors can view and download evidence and verify internal controls in the C1Risk platform for any regulation or standard in the GRC Platform.
How to request additional evidence from evidence owners during the collection period.
Audit can be managed on-screen with your Auditor in the C1Risk platform. Set your evidence collection period then see your regulatory/standard control library, mapped internal controls, and relevant evidence, based on your selected audit period.
As documentation for audit is collected, compliance managers review and approve/reject documents and track this process in the C1Risk platform.
Evidence from an IRL, PBC, or from your own spreadsheets, can be easily bulk uploaded into the C1Risk platform.
Fast, reliable, affordable. Get CMMC Certified with C1Risk on our best in class, integrated risk and compliance management platform.
The C1Risk platform allows you to filter your compliance workflows to see work by status, owner, and more.
How to launch and automate your evidence collection for continuous monitoring and ongoing compliance in the C1Risk platform.
This training video explains how to set up an evidence record and launch a document request in a timely fashion. to ensure you collect evidence with enough time to validate, conduct internal audit, and have all your documentation in place for your external audit.
Set it and forget it! Automate evidence collection on the C1Risk platform.
Learn how to bulk upload from a spreadsheet, or quickly add internal controls and auto-map to your regulatory and standard requirements in the C1Risk platform.
As part of the audit process, you need to create internal controls to demonstrate implementation of the associated regulation or standard. Here are three options for quickly creating those controls in the C1Risk Platform.
This video will walk you through the following:
1. How to map internal controls to standards or regulations
2. How to map standards and regulations to internal controls
3. How to bulk upload internal controls with mapping
Use the Control Library as your main workflow for setting up your Internal Controls.
This training gives you a breakdown of the key elements of an internal control, and what auditors are looking in terms of information provided in an internal control statement. Who, what, how often, and more.
Learn how to use the applicability function to select not/applicable controls, write corresponding Statements of Applicability (SOAs) and export your SOA report for your ISMS.
Monitor your readiness for audit and continuous compliance and risk management for SOC 2, ISO 27001, CMMC, HIPAA, PCI, and more with C1Risk's real-time dashboards. C1Risk provides continuous cybersecurity for your organization.
Learn how to browse the control library and quickly identify controls that are or are not in scope for compliance on the C1Risk Platform.
Learn how to do the following in the C1Risk platform:
1. Choose applicable controls (EG. Criterai for SOC 2)
2. Choose Non-applicable controls (ISO 27001)
3. SOA
C1Risk has crosswalks for many of the most common regulations and standards to help you see where you comply and are able to consolidate internal controls.
C1Risk automatically updates and adds updated versions of your standards and regulations into your GRC Library.
Learn how to do the following on the C1Risk platform:
1. Use the C1Risk GRC Library repository
2. Add any regulation or standard to the C1Risk platform
3. Crosswalks
4. Maintain regulations and standards (C1Risk updates obligations automatically)
Quick overview of compliance management on the C1Risk Platform