Request failed with status code 502

Exception Management

Record and Manage your Risk, Compliance and Policy Exceptions lifecycle - long

  • Episodes7
  • Duration15m 15s
  • LanguagesEN
Episode 5

Identifying Exceptions

The method we use to identify Exceptions

Introduction

Exceptions are rarely used as a stand-alone module, meaning that the module is used without connection to other modules and use cases. For that reason, the identification process for an exception is tightly related to other modules and we recommend looking at those modules to understand more.

Is extremely important that the problem/solution concept used by Eramba is extremely clear before using these modules.

Risk Exceptions

We recommend you look at the "Identifying Risk Solutions" episode in the Risk Management course to understand how Risk Exceptions are identified.

Compliance Exceptions

We recommend you look at the "Identifying Compliance Solutions" episode in the Compliance Management course to understand how Compliance Exceptions are identified.

Policy Exceptions

The Policy Exception module is used when a request is made to the GRC team that goes against a documented Policy, Procedure, Standard, Etc. For example, the software development team needs access to production databases to correct an urgent issue instead of debugging this on a staging or development environment.

In such cases a controlled change request should take place and an exception is logged to that case that describes:

  • Which team requested this exception
  • What documents (from the Policy module) are being bypassed
  • Until what date this is required

The three attributes mentioned above will be used to create an exception.