This section is designed to explain how to generate the Compliance Analysis Report (CAR) in the analysis phase of a compliance project.
The Compliance Analysis Report (CAR) presents the final results of the analysis phase of a compliance project, consolidating the information collected during the project. This report assists in the compliance management process for your organization by making recommendations for the evaluation and treatment of the non-compliances identified.
Note that this report can be customized according to your organization’s needs and enabled for use. The system allows all report templates to be disabled, both custom and those provided by Modulo, in which case no reports will be available in this section. For details on managing report templates and editing them, see Chapter 6: Compliance -> Compliance Reports.
You can also schedule a report to be sent by specifying the recipients, the date on which they will begin to be sent, the frequency with which they will be sent, and the number of times. For example, if you want to receive a weekly report on the non-compliances in your IT department, you can schedule a report that includes only analysis information related to your IT department. A daily time must be set in the Administration module for these reports to be sent. For details on how to set this time, see Chapter 17: Administration -> Scheduled Reports.
The report evaluates the compliance project through the results obtained from interviews through which the objects selected for the scope of the project were analyzed, allowing you to view detailed, consolidated information on the Compliance Level and Compliance Index for the project from different perspectives – by authoritative document, by requirement, and by object.
There are six sections to this report, namely: Analysis Summary, Methodology Adopted, Limitations, Context, Consolidated Analysis, Detailed Analysis, and Recommendations.
The Analysis Summary section indicates which authoritative documents, requirements, and objects were analyzed in the project and general information on the results (see the figure below for an example of information provided in this section).
The Methodology Adopted section explains the methodology used to perform the compliance analysis, and also explains the compliance metrics and how they are calculated (Compliance Index and Compliance Level) (see the figure below for an example of information provided in this section).
The Limitations section explains the reach of the results contained in the report.
The Context section presents the investigated requirements, the scope, and the team involved in the analysis (see the figure below for an example of information provided in this section).
The Consolidated Analysis section presents the consolidated results of the analysis for the authoritative documents and for the requirements from each level (see the figure below for an example of information provided in this section).
The Recommendations section indicates the actions that can be taken to lend continuity to the compliance project.
Note: Reports are best viewed in PDF format.