Demo · sample data, not for production use · request the real tool →

CC2.2

Internal communication of objectives and responsibilities

SecurityImplementedSecurity (Common Criteria)

Control description

AICPA Trust Services Criteria

The entity internally communicates information, including objectives and responsibilities for internal control, necessary to support the functioning of internal control.

Auditor test plan

How this is tested during the audit

Auditor reviews the intranet security policy index and a sample of all-hands security updates.

Evidence

No evidence on file yet

Open vault →
No evidence attached

Upload at least one artifact before the audit window opens.

Last reviewed
17d
Within 180-day window
Evidence on file
2

Owner

DS
Director, Security
Accountable for design + operating effectiveness

Status timeline

Recent control history

  1. Last reviewed by Director, Security

    17d ago

  2. Status set to implemented

    47d ago

  3. Initial control design approved

    107d ago