Menu English (US) Čeština Dansk Deutsch Español (Latinoamérica) Español (España) Suomi Français (Canada) Français (France) हिंदी Magyar Bahasa Indonesia Italiano 日本語 한국어 Bahasa Melayu Nederlands Norsk Polski Português do Brasil Română Русский svenska Kiswahili ไทย Türkçe Українська Tiếng Việt 简体中文 中文 (香港) 繁體中文

KCM GRC: Completing a Scope Self-Assessment

Avatar
Lauren Ashley
Updated
Follow

How Do I Complete a Scope Self-Assessment?

The Scope Self-Assessment lets you evaluate your current level of compliance based on a particular scope.

This assessment allows you to set a status for each requirement in the scope. By selecting a status for your requirements, you will determine the percentage of compliance that your organization currently holds for the scope in question. This will assist in showing your organization’s stakeholders your organization's current state of compliance. Completing the Scope Self-Assessment is optional, but recommended. 

Follow the steps below to complete your Scope Self-Assessment. 

  1. Navigate to your scope by clicking Compliance > Scopes from the navigation panel on the left-hand side. 
  2. Under the Name column, click on the name of the desired scope.
  3. From the View Scope page under the Overview tab, you can see the current state of your Scope Self-Assessment, as shown below.
    View Scope > Overview tab
  4. Click the Requirements tab. Here, you can see the Scope Self-Assessment Progress bar.
    • Above the progress bar is the Requirements Breakdown which shows your self-assessment response percentages.
  5. To complete your Scope Self-Assessment: From the Self-Assessment Response column, select the appropriate response for each requirement. 
    • If you have not completed the assessment, requirements will have the No Answer option selected by default.


    As a best practice, KCM GRC suggests selecting a Self-Assessment Response based on the following recommendations:

    Self-Assessment Response KCM GRC's Recommendation
    No Answer Your organization has yet to determine whether this requirement needs to have a control (or process) in place. 
    Met Your organization has the necessary controls (or processes) in place and is currently meeting this requirement.
    Partially Met Your organization is partially meeting this requirement, but additional controls (or processes) need to be put in place in order to fully meet the requirement.
    Not Met Your organization has determined that the requirement is applicable, but you do not have the necessary controls (or processes) in place.
    N/A Your organization has determined that the requirement is not applicable.
Tip: If you would like to leave a note on the requirement to explain why you chose a particular response, click the requirement name to open it. Then, add a note under the Notes area of the View Scoped Requirement page.

At any time, you can return to the View Scope page > Requirements tab to reassess your scope requirements to reflect the current state of your organization.

Back to top

 

Have more questions? Submit a request

Comments

0 comments

Article is closed for comments.

Related articles