Control Objectives

A Control Objective is an assessment object that defines the risk categories for a Process or Sub-Process.

Control Objectives define the COSO compliance categories that the Controls are intended to mitigate. Control Objectives can be classified into categories such as Compliance, Financial Reporting, Strategic, Operations, or Unknown.

After a Control Objective is identified, the Risks belonging to that Control Objective can then be defined. In most cases, each Control Objective has one Risk that is associated with it. However, it might have more than one Risk that is associated with it. For example, a financial services company employs traders that are aware of the required ethical standards. The HR department sets up a control objective called 'Personnel'. A risk that is associated with the Control Objective is, Employees engage in business dealings that conflict with the company objectives for ethical and fair trading.

By default, an OpenPages® Internal Audit Management Control Objective is disabled. This object is not often used, except to align with other solutions that might use it.