Expand to navigate. Click a node to filter stories and export a pack.
As a Head of Internal Audit, I want to maintain an audit universe and build an annual plan with resources, so that audit coverage is risk-based and execution is feasible.
Risk & Compliance → Audit Management → Audit Planning → Audit Universe · BusinessTaxonomy Seed · 2026-01-06
As a Risk Manager, I want to maintain a risk register with categories, owners, and status, so that risks are visible, owned, and managed consistently.
Risk & Compliance → Governance, Risk & Compliance → Risk Register → Risk Register Management · BusinessTaxonomy Seed · 2026-01-06
As a Internal Controls Lead, I want to maintain a controls library mapped to risks with owners and frequency, so that control coverage is clear and gaps are visible.
Risk & Compliance → Internal Controls → Controls Library → Controls Mapping · BusinessTaxonomy Seed · 2026-01-06
As a Risk Analyst, I want to run risk assessments with a scoring model and approval steps, so that risk ratings are consistent and defensible.
Risk & Compliance → Governance, Risk & Compliance → Risk Assessments → Assessment Workflow · BusinessTaxonomy Seed · 2026-01-06
As a Controls Tester, I want to execute control tests, collect evidence, and track deficiencies, so that testing is standardized and audit-ready.
Risk & Compliance → Internal Controls → Controls Testing → Evidence Collection · BusinessTaxonomy Seed · 2026-01-06
As a Third-Party Risk Analyst, I want to send due diligence questionnaires and collect vendor documents, so that vendor onboarding decisions are consistent and documented.
Risk & Compliance → Third-Party Risk → Due Diligence → Vendor Questionnaire · BusinessTaxonomy Seed · 2026-01-06
As a Issue Owner, I want to track remediation actions with due dates, status, and evidence, so that issues are closed on time and closure is defensible.
Risk & Compliance → Governance, Risk & Compliance → Issues & Remediation → Remediation Tracking · BusinessTaxonomy Seed · 2026-01-06
As a Third-Party Risk Manager, I want to receive alerts when vendor risk signals change (e.g., financial distress, security incidents), so that we proactively manage third-party risk and respond faster.
Risk & Compliance → Third-Party Risk → Ongoing Monitoring → Vendor Monitoring Alerts · BusinessTaxonomy Seed · 2026-01-06
