CCM - Control Compliance Model

. is the control compliance model of "enablers" of CONIG Framework

. has an objective that is to provide a detailed method and a set of supporting tools - for developing an internal control architecture. It may be used freely by any organization wishing to adopt CONIG for use within that organization in order to comply authoritative requirements

. has detail objectives;
   - Document controls and details
   - Test controls
   - Review controls
   - Identify control deficiencies
   - Issue and Remediation Management
   - Report on control status
   - Maintain controls
   - Test control once and rely on results for many regulations
   - Incorporate policy and risk management into compliance management
   - Identify external compliance requirements (authoritative requirements)
   - Optimise response to authoritative requirements
   - Confirm authoritative requirements
   - Obtain assurance of authoritative requirements

. establish mappings among "internal controls" and "authoritative requirements"

. defines quatitative scoring model for "internal controls" and "authoritative requirements" based on tests and audit finding