Edit a Control

In this section, you know about how to edit controls, understand which users have the necessary permissions, and explore the specific elements within a control that can be modified.

Which users have permission to edit controls?

Managers and Auditors can edit controls. Unit Managers may be granted permission to edit user-defined controls. Go to PA > Policies > Controls, select a control and choose Edit from the Quick Actions menu.

What can I edit?

For a service provided control, you can edit control references and comments.

For a user-defined control (UDC), you can edit the control statement, category, sub-category, comments, reporting options, scan parameters and their description, control values used to calculate the expected values, control technologies, and references.

When Control Criticality is enabled for your subscription, you can change or remove the criticality level assigned to the control. Learn more about Control Criticality.

After you edit a UDC, you must run a fresh scan and generate a new report to use the modified values in data collection and evaluation.