Automating control assessments

In the Projects app, you can create assessment drivers based on a metric to automate control assessments and notify key stakeholders when changes occur.

Before you start

Before you can automate a control assessment, you need to set up a project with objectives, risks, and controls. To turn on the Automate button, you or someone on your team needs to complete the following tasks:

Create a metric in Results see Monitoring key indicators with metrics
Link the metric to the assessment in a project see Linking evidence from Results

How it works

After you have completed the prerequisite tasks, you create an assessment driver by:

selecting the execute procedure, walkthrough, or test you want to automate
defining metric ranges that will be used to determine the evaluation of a control's design or effectiveness:
- Execute Procedure Were issues identified when completing this procedure?
- Walkthrough Is the control designed appropriately?
- Test Did the control operate effectively?

Once you create the assessment driver, the assessment is automatically updated whenever the metric value crosses a specified threshold. The assessment driver determines whether the execute procedure, walkthrough, or test passes or fails.

Whenever the control assessment changes, stakeholders are automatically notified via the Projects daily summary email, enabling them to take appropriate action.

What changes in Projects impact the way assessment drivers work?

Depending on the change, assessment drivers are enabled, disabled, locked, copied, or permanently deleted.

Change	Impact
Deleting a metric in Results that has been linked to a walkthrough or test in Projects	Once a metric is associated with an assessment driver, any metric configuration changes you make in the Results app disables the control assessment automation in Projects. The most recent assessment value is retained and the control assessment becomes a manual process. Note You can fix the problems in Results or Projects and re-enable the assessment driver.
Changing the configuration of a metric in Results
Importing controls, cloning or importing objectives, or rolling forward projects	Any associated assessment drivers and linked metrics are copied: when the project type of the source project and target project are the same from archived to active projects or active to active projects within the same Diligent One instance Assessment drivers are automatically enabled in the target project. If the project type of the source project and target project are different, assessment drivers are not copied to the target project.
Checking out a section in Offline Projects	Any fields that have been automated using assessment drivers are disabled and prevented from further edits.
Syncing a project with a framework	If an assessment driver is configured in the project: the control assessment within the framework overwrites the control assessment in the project the assessment driver in the project becomes disabled
Unlinking a metric from an execute procedure, a walkthrough, or a test in Projects	Any associated assessment drivers are permanently removed. The most recent assessment value is retained, and the control assessment becomes a manual process.
Specifying a control test as not applicable (Are you testing this key control as part of this testing round? = No)	The assessment driver associated with the control test is disabled.
Signing off on an execute procedure, a walkthrough, or a test	The execute procedure, walkthrough, or test page becomes read-only, and the assessment driver is disabled. You can override the sign-off and manually enable the assessment driver, if needed. However, to preserve the integrity of the test result, when you sign-off again, the assessment driver is once again disabled.
Archiving a project or deleting a project temporarily	Any associated assessment drivers are disabled. The most recent assessment value is retained.
Unarchiving a project or restoring a project	Any associated assessment drivers that were not manually disabled or broken prior to archiving the project are automatically re-enabled. The most recent assessment value is retained.
Deleting an objective (that contains the control) from a project	Any associated assessment drivers are permanently removed.
Deleting a control from a project
Permanently deleting a project

Permissions

Professional Managers and Professional Users can automate control assessments. All other roles can only view automated control assessments.

Configure an automated control assessment

Navigate to an execute procedure, a walkthrough, or a test in a project

Note

Interface terms are customizable, and fields and tabs are configurable. In your instance of Diligent One, some terms, fields, and tabs may be different.
If a required field is left blank, you will see a warning message: This field is required. Some custom fields may have default values.

From the Launchpad home page (www.highbond.com), select the Projects app to open it.

If you are already in Diligent One, you can use the left-hand navigation menu to switch to the Projects app.

The Projects home page opens.
Open a project.
The project dashboard opens.
Click the Fieldwork tab.
Locate the appropriate objective, click Go To, and select one of the following options:
- Execute Procedures
- Walkthroughs
- Testing
Do one of the following:
- If you selected Execute Procedures, click View/Edit beside the execute procedure you want to automate.
- If you selected Walkthroughs , click View/Edit beside the walkthrough you want to automate.
- If you selected Testing, click Update Test beside the test you want to automate.
Scroll down the page, and next to the field, click Automate AssessmentType (available after you’ve linked a metric to the test as evidence):
Assessment type Field
Execute Procedure Were issues identified when completing this procedure?
Walkthrough Is the control designed appropriately?
Test Did this control operate effectively?
The Assessment Drivers side panel opens, with the objective, control, and assessment type pre-selected.

Assessment type	Field
Execute Procedure	Were issues identified when completing this procedure?
Walkthrough	Is the control designed appropriately?
Test	Did this control operate effectively?

Specify a metric and define ranges

Click the Select a Metric... dropdown list to specify the metric that will be used to populate the value of the field associated with the execute procedure, walkthrough, or test. The metric must generate a numeric value. You cannot use metrics based on dates. You can only select metrics that have been linked to the selected execute procedure, walkthrough, or test.
Note
If you previously linked a metric, and archived the collection in Results where the metric is located, the metric is protected in a read-only state. No data can be added or changed.
Select the appropriate operator (less than or greater than) and define the conditions that need to occur for the control assessment to automatically update to the specified value.
As you enter values in the right column, the left column is auto-populated with the next sequential value, and the field value changes color once you have entered a number for the row.
You can enter any number of decimal places for each value. However, upon saving, values only display up to two decimals.
Tip
You can use Tab to quickly move vertically down the right column.
Optional. Disable the Assessment Driver if you do not want to automate the control assessment immediately.
By default, the Assessment Driver is enabled , and the assessment is automated immediately after saving. Once the Assessment Driver is enabled, you cannot update the value of the control assessment manually.
Click Save.
Result The control assessment is automated.
Note
You must define all metric ranges before you can save.

View or edit automated control assessments

Navigate to the appropriate execute procedure, walkthrough, or test in the project.

Scroll down the page to view status information beside the field:

Assessment type	Field	If the field displays...
Execute Procedure	Were issues identified when completing this procedure?	an automated icon , the control assessment automation is enabled. a warning icon , the control assessment automation is disabled. a locked icon , the execute procedure, walkthrough, or test page is read-only, and the assessment driver is disabled. an error icon , an error has occurred. For more information, see What changes in Projects impact the way assessment drivers work?
Walkthrough	Is the control designed appropriately?
Test	Did this Control operate effectively?

Assessment type

Field

If the field displays...

Execute Procedure

Were issues identified when completing this procedure?

an automated icon , the control assessment automation is enabled.
a warning icon , the control assessment automation is disabled.
a locked icon , the execute procedure, walkthrough, or test page is read-only, and the assessment driver is disabled.
an error icon , an error has occurred.

For more information, see What changes in Projects impact the way assessment drivers work?

Walkthrough

Is the control designed appropriately?

Test

Did this Control operate effectively?

To edit or enable / disable an assessment driver, click Edit AssessmentType next to the field.
The Assessment Drivers side panel opens, allowing you to view or configure the assessment driver.

Delete an assessment driver