CC4.2
Communicates and remediates deficiencies
SecurityPartialSecurity (Common Criteria)
Control description
AICPA Trust Services Criteria
The entity evaluates and communicates internal control deficiencies in a timely manner to those parties responsible for taking corrective action.
Auditor test plan
How this is tested during the audit
Auditor inspects the deficiency-tracking register and SLA for remediation by severity tier.
Evidence
No evidence on file yet
No evidence attached
Upload at least one artifact before the audit window opens.
Last reviewed
47d
Within 180-day window
Evidence on file
2
Owner
DI
Director, Internal Audit
Accountable for design + operating effectiveness
Status timeline
Recent control history
Last reviewed by Director, Internal Audit
47d ago
Remediation plan opened
61d ago
Auditor flagged design gap
107d ago