Skip to Main Content
Cyber GRC Ideas Portal
Status Pending Product Manager's Review
Created by Guest
Created on Mar 19, 2021

{Velocity] Support Contract Compliance for typical IT elements of contracts

IT Compliance teams have to put controls in place and provide compliance reports for controls and SLAs.


this can be fairly easily supported by combining

1) Control Self-Assessments or Tests with

2) SLA Metrics


What is missing is the appropriate reporting that combines both elements. Specifically, we need a report that lists on a monthly basis the status of each control (with evidence) and the SLA Metrics

For example,

a) Control: if a contract prescribes that all personnel on a customer project have to have a given level of background checks the corresponding control would list any new staff and attach the appropriate background check documentation as evidence

b) SLA Metric: if the contract prescribes ticket resolution times of 24h, the metric would list the threshold and actual performance (based on manual input or integration with a ticketing system)


  • Attach files