Define the safeguards that enforce your compliance policies and satisfy external
regulations. Compliance controls are the practical, testable checks that turn policy intent into
measurable protection, mitigate registered risks, and produce the evidence external auditors
rely on.
Required Editions
Available in: Lightning Experience
Available in: Enterprise, Performance, and Unlimited
Editions with Agentforce IT Service.
Controls Management Workflow for IT Compliance Follow how a compliance team creates, tests, and maintains compliance controls that enforce policies, satisfy regulations, and mitigate risks. See how controls are mapped to risks, business operations processes, and assets, and how control testing feeds into evidence collection and remediation workflows.
Set Up Controls Management for IT Compliance Bring Controls Management online for your org. Turn on the feature in Salesforce Go, enable the control implementation methods that match how your compliance team works, and assign permission sets so your admins can start authoring controls, building validation procedures, and running compliance tests.
Work with Controls for IT Compliance Author compliance controls, build validation procedures, and run compliance tests by using Process Compliance Navigator. IT Compliance shares the Controls Management capability with Process Compliance Navigator, so your compliance team uses the same authoring experience to define controls that enforce ISO 27001 and other compliance frameworks across your IT processes.
Types of Controls in IT Compliance IT Compliance supports multiple control types depending on how they operate and how they're validated.
How Control Effectiveness Drives Risk Scoring See how control effectiveness ratings drive residual risk calculations, how control failures automatically increase risk scores, and how risk owners monitor which controls protect their risks.
Did this article solve your issue?
Let us know so we can improve!
Loading
Salesforce Help | Article
Cookie Consent Manager
General Information
Required Cookies
Functional Cookies
Advertising Cookies
General Information
We use three kinds of cookies on our websites: required, functional, and advertising. You can choose whether functional and advertising cookies apply. Click on the different cookie categories to find out more about each category and to change the default settings.
Privacy Statement
Required Cookies
Always Active
Required cookies are necessary for basic website functionality. Some examples include: session cookies needed to transmit the website, authentication cookies, and security cookies.
Functional Cookies
Functional cookies enhance functions, performance, and services on the website. Some examples include: cookies used to analyze site traffic, cookies used for market research, and cookies used to display advertising that is not directed to a particular individual.
Advertising Cookies
Advertising cookies track activity across websites in order to understand a viewer’s interests, and direct them specific marketing. Some examples include: cookies used for remarketing, or interest-based advertising.
