Ideagen Luminate logo Ideagen Luminate logo
Navigation
Need help?
Send feedback
Sign in
This page does not meet FedRAMP security standards. Please avoid entering sensitive or classified information. Learn more
Learn more
Learn more

Looking for help?

Common queries

View all

Send us feedback

Megaphone illustration

Before you start

This form is for Ideagen Luminate feedback only. Your submission will not receive a response.

Looking for support? Select the solution you need help with and open a ticket with us.
New article Recently updated

Understanding properties for Process, Objectives, Risks, Controls, and Tests within Entities

By Gregor Scott
  • Last updated
⌘ K
Search this article
Print this article

Who is this article for?

Administrators who need to understand properties for Process, Objectives, Risks, Controls, and Tests within Entities.

Administrator access to the Universe module is required.

This article explains the properties available for Entity Processes, Objectives, Risks, Controls, and Tests within Ideagen Internal Audit (Aura), including their definitions, assessments, and execution details.

1. Understanding Entity Process properties

Entity Process properties are organised into three main sections: Definition, Certification, and Execution.

1.1 Definition properties:

  • Name - Entity Process names cannot be changed since they are derived from the Process and Entity that combine to form the Entity Process
  • Accounts - Financial accounts relevant to this Risk. By default this list is drawn from Accounts already linked to the Risk's parent Process. In the event of significant changes to Accounts mapped to Processes in the Library you can use the Refresh Process feature to pull this information into the corresponding Entity Processes
  • Owner - a Staff member in the organisation
  • Business Owner - a relevant contact in the organisation, usually the person responsible for the risk
  • Budget Effort - budgeted number of days or hours of effort spent on the Audit
  • Audit Frequency - used as part of the Audit Scheduling Calculation: Scheduling Reference Date + Audit Frequency = Suggested Planned Audit Date

1.2 Certification properties:

Note: This section is only valid on Audits with Certifications enabled.

  • Certification State - Has this Process been certified?
  • Certified By and Certified Time - Who provided the certification, and when did they do it?
  • Certification Comments - Comments left by the certifier

1.3 Execution properties:

  • Comments - comments on the Risk (rich text format)
  • Cross References - the term Cross Reference is analogous to a Hyperlink where you are able to create a link to a record within the system that is of related interest

2. Understanding Entity Objective properties

Entity Objective properties are organised into two main sections: Definition and Execution.

2.1 Definition properties:

  • Entity Process - the Area where the unit of work (Objective) is located (that is, cell of the universe matrix)
  • Sub-Process - link to the Sub Processes segmentation which is dependent on Process
  • Ref - reference number for the Objective
  • Title - a Title for the Objective
  • Description - a Description for the Objective (rich text format)
  • Category - assign to a specific category for grouping (Pick list is editable in Segmentations)
  • Business Owner - a relevant contact in the organisation, usually the person responsible for the risk
  • Business Reviewer - Behaves similarly to the Business Owner and can be used to specify which individual is responsible for Reviewing that record. The field populates from Contacts by default and will cascade from parent to child objects (hidden by default in properties panel)
  • Default - functionality for the auto population of ORCTs into an Audit
  • Locked - tick if you wish to prevent the definition from being modified within an Entity
  • Audit Types - functionality for the auto population of ORCTs into an Audit - link to the Audit Types segmentation
  • Post Audit - (Post Audit Work)
  • Active State - Set as Draft, Live or Closed

2.2 Execution properties:

  • Comments - comments on the Objective work (rich text format)
  • Review State - the review state shows whether the objective has been reviewed (Not Reviewed, Reviewed or Changed)
  • Cross References - the term Cross Reference is analogous to a Hyperlink where you are able to create a link to a record within the system that is of related interest

3. Understanding Entity Risk properties

Entity Risk properties are organised into three main sections: Definition, Assessment, and Execution.

3.1 Definition properties:

  • Objective - the parent Objective
  • Ref - reference number for the Risk
  • Title - a Title for the Risk
  • Description - a Description for the Risk (rich text format)
  • Category - assign the Risk to a specific Category to group the Risks (Pick list is editable in Segmentations)
  • Type - assign the Risk to a specific Type to group the Risks (Pick list is editable in Segmentations)
  • Accounts - Financial accounts relevant to this Risk. By default this list is drawn from Accounts already linked to the Risk's parent Process
  • Assertions - Claims to be tested in relation to this Risk in the course of an Audit (Pick list is editable in segmentations)
  • Business Owner - a relevant contact in the organisation, usually the person responsible for the risk
  • Business Reviewer - Behaves similarly to the Business Owner and can be used to specify which individual is responsible for Reviewing that record. The field populates from Contacts by default and will cascade from parent to child objects (hidden by default in properties panel)
  • Locked - tick if you wish to prevent the definition from being modified within an Entity
  • Audit Types - functionality for the auto population of ORCTs into an Audit
  • Active State - set as Draft, Live or Closed
  • Due Date - date when external assessment is due. Removed if the current External Assessment is cleared. Editable even if the record is locked
  • Notified Date - date when owner was notified of item. Removed if the current External Assessment is cleared. Editable even if the record is locked
  • Respond By Date - date by when there should be an external assessment. Removed if the current External Assessment is cleared. Editable even if the record is locked

3.2 Assessment properties:

  • Inherent Score
  • Residual Score

3.3 Execution properties:

  • Comments - comments on the Risk (rich text format)
  • Review State - the review state shows whether the Risk has been reviewed
  • Cross References - the term Cross Reference is analogous to a Hyperlink where you are able to create a link to a record within the system that is of related interest

4. Understanding Entity Control properties

Entity Control properties are organised into three main sections: Definition, Assessment, and Execution.

4.1 Definition properties:

  • Ref - reference number for the control
  • Title - a title for the control
  • Description - a Description for the Control (rich text format)
  • Principles - a pair of segmentations called Principles and Components
  • Components - the list of components is a calculated field which is set to the distinct list of items covered by the selected Principles
  • Category - assign to a specific Category to group (Pick list is editable in Segmentations)
  • Type - assign to a specific Type to group (Pick list is editable in Segmentations)
  • Accounts - Financial accounts relevant to this Risk. By default this list is drawn from Accounts already linked to the Risk's parent Process
  • Assertions - Claims to be tested in relation to this Risk in the course of an Audit (Pick list is editable in segmentations)
  • Importance - assign a specific Importance to group (Pick list is editable in Segmentations)
  • Frequency - assign a specific Frequency to group (Pick list is editable in Segmentations)
  • Business Owner - a relevant contact in the organisation, usually the person responsible for the control
  • Business Reviewer - Behaves similarly to the Business Owner and can be used to specify which individual is responsible for Reviewing that record. The field populates from Contacts by default and will cascade from parent to child objects (hidden by default in properties panel)
  • Locked - tick if you wish to prevent the definition from being modified within an Audit
  • Audit Types - functionality for the auto population of ORCTs into an Audit - link to the Audit Types segmentation
  • Active State - Set as Draft, Live or Closed
  • Due Date - date when external assessment is due. Removed if the current External Assessment is cleared. Editable even if the record is locked
  • Notified Date - date when owner was notified of item. Removed if the current External Assessment is cleared. Editable even if the record is locked
  • Respond By Date - date by when there should be an external assessment. Removed if the current External Assessment is cleared. Editable even if the record is locked

4.2 Assessment properties:

  • Score

4.3 Execution properties:

  • Comments - comments on the Control (rich text format)
  • Review State - the review state shows whether the Control has been reviewed
  • Cross References - the term Cross Reference is analogous to a Hyperlink where you are able to create a link to a record within the system that is of related interest

Note: Linked controls can also be added in the Library.

5. Understanding Entity Test properties

Entity Test properties are organised into two main sections: Definition and Execution.

5.1 Definition properties:

  • Ref - reference number for the Test
  • Title - a Title for the Test
  • Description - a Description for the Test (rich text format)
  • Type - assign the Test to a specific Type to group the Tests (Pick list is editable in Segmentations)
  • Business Owner - a relevant contact in the organisation, usually the person responsible for the test
  • Business Reviewer - Behaves similarly to the Business Owner and can be used to specify which individual is responsible for Reviewing that record. The field populates from Contacts by default and will cascade from parent to child objects (hidden by default in properties panel)
  • Result Set - set the possible outcomes of the test. These outcomes can be modified through the Admin > Segmentation > Result Sets screen
  • Sample - a list of what samples the test is linked to
  • Automatic - whether or not the Test Result is automatically calculated from the Sample
  • Locked - tick if you wish to prevent the definition from being modified within an Entity
  • Audit Types - functionality for the auto population of ORCTs into an Audit
  • Active State - Set as Draft, Live or Closed

5.2 Execution properties:

  • Result - result of the Test carried out. The selectable results in this field are set by the selected Result Set (type of normal, alert or problem)
  • Result Description - additional result details (rich text format)
  • Review State - the review state shows whether the Test has been reviewed
  • Cross References - the term Cross Reference is analogous to a Hyperlink where you are able to create a link to a record within the system that is of related interest

6. Making assessments

It is possible to make as many assessments as required to either a risk or control. When a new assessment is made the assessment history will be saved and available for future reference.

What do you think about this article?

Your feedback helps us improve

More articles in this section

Looking for more help? Ask the Community

On this page