Benchmark: CC3.4 COSO Principle 9: The entity identifies and assesses changes that could significantly impact the system of internal control
Description
Assesses Changes in the External Environment - The risk identification process considers changes to the regulatory, economic, and physical environment in which the entity operates.
Assesses Changes in the Business Model - The entity considers the potential impacts of new business lines, dramatically altered compositions of existing business lines, acquired or divested business operations on the system of internal control, rapid growth, changing reliance on foreign geographies, and new technologies.
Assesses Changes in Leadership - The entity considers changes in management and respective attitudes and philosophies on the system of internal control.
Assess Changes in Systems and Technology - The risk identification process considers changes arising from changes in the entity’s systems and changes in the technology environment.
Assess Changes in Vendor and Business Partner Relationships - The risk identification process considers changes in vendor and business partner relationships.
Usage
Install the mod:
mkdir dashboardscd dashboardspowerpipe mod initpowerpipe mod install github.com/turbot/steampipe-mod-aws-complianceStart the Powerpipe server:
steampipe service startpowerpipe serverOpen http://localhost:9033 in your browser and select CC3.4 COSO Principle 9: The entity identifies and assesses changes that could significantly impact the system of internal control.
Run this benchmark in your terminal:
powerpipe benchmark run aws_compliance.benchmark.soc_2_cc_3_4Snapshot and share results via Turbot Pipes:
powerpipe benchmark run aws_compliance.benchmark.soc_2_cc_3_4 --share