CC1.3
Establishes structure, authority, and responsibility
SecurityImplementedSecurity (Common Criteria)
Control description
AICPA Trust Services Criteria
Management establishes structures, reporting lines, and authorities and responsibilities in pursuit of objectives.
Auditor test plan
How this is tested during the audit
Auditor reviews the org chart, role descriptions, and delegation-of-authority matrix.
Evidence
No evidence on file yet
No evidence attached
Upload at least one artifact before the audit window opens.
Last reviewed
88d
Within 180-day window
Evidence on file
2
Owner
C
COO
Accountable for design + operating effectiveness
Status timeline
Recent control history
Last reviewed by COO
88d ago
Status set to implemented
118d ago
Initial control design approved
178d ago