Agentic AI Atlasby a5c.ai
OverviewWikiGraphFor AgentsEdgesSearchWorkspace
/
GitHubDocsDiscord
iiRecord
Agentic AI Atlas · Control Effectiveness Testing
workflow:control-effectiveness-testinga5c.ai
Search record views/
Record · tabs

Available views

II.Record viewspp. 1 - 1
overviewjsongraph
II.
Workflow overview

workflow:control-effectiveness-testing

Reference · live

Control Effectiveness Testing overview

Tests the design and operating effectiveness of internal controls -- selecting control samples based on risk-tier prioritization, evaluating whether control design adequately addresses identified risks, testing operating effectiveness through walkthroughs, re-performance, and evidence inspection, assessing automated control configurations and access restrictions, identifying control deficiencies and classifying severity as gap, weakness, or material weakness, and tracking remediation commitments from prior testing cycles. Produces control testing results matrix, deficiency register, and remediation status report. Excludes control design and policy authoring.

WorkflowOutgoing · 11Incoming · 0

Attributes

displayName
Control Effectiveness Testing
workflowKind
governance
triggerType
scheduled
typicalCadence
quarterly
complexity
cross-team
description
Tests the design and operating effectiveness of internal controls -- selecting control samples based on risk-tier prioritization, evaluating whether control design adequately addresses identified risks, testing operating effectiveness through walkthroughs, re-performance, and evidence inspection, assessing automated control configurations and access restrictions, identifying control deficiencies and classifying severity as gap, weakness, or material weakness, and tracking remediation commitments from prior testing cycles. Produces control testing results matrix, deficiency register, and remediation status report. Excludes control design and policy authoring.

Outgoing edges

applies_to_domain2
  • domain:operations·DomainOperations
  • domain:cybersecurity-grc·DomainCybersecurity GRC
involves_role3
  • role:operational-risk-analyst·RoleOperational Risk Analyst
  • role:security-reviewer·RoleSecurity Reviewer
  • role:compliance-officer·RoleCompliance Officer
performed_by_org_unit2
  • org-unit:risk-management-team·OrgUnitRisk Management Team
  • org-unit:compliance-team·OrgUnitCompliance Team
requires_skill_area2
  • skill-area:observability-pipeline·SkillAreaObservability Pipeline
  • skill-area:incident-response·SkillAreaIncident Response
triggers_responsibility2
  • responsibility:run-security-scans·ResponsibilityRun security scans
  • responsibility:review-architecture-changes·ResponsibilityReview architecture changes

Incoming edges

None.

Related pages

No related wiki pages for this record.

Shortcuts

Open in graph
Browse node kind