Notifications digest: weekly · critical bypasses Mark all read

Dashboard

Org default · click any number to drill through
Active risks
across 1 register (demo)
High-rated
1 above appetite threshold
Overdue / escalated
4
1 at management level 2
Attestation coverage
82%
Q2 cycle · 2 pending signature

Current risk placement · snapshot on active config · click to drillCSV · PDF

Counts of Active risks per L×I cell. Cell colours come from the published scoring config — calibration is edited in Admin, not here.

SignalsCSV · PDF

Program progress · admin view across all owners

Q3 Control Effectiveness
25/40
Q3 Risk Re-assessment
8/20
Remediations2 proposed · 3 in progress · 1 awaiting verify · 1 overdue

Score trend — RI.D01.01

inherent → current across 5 assessment cycles

Risk posture trend · active risks by rating, quarterlyCSV · PDF

Control effectiveness · last completed cycleCSV · PDF

Incidents by severity · last 6 months · click bars to drillCSV · PDF

Risk Register — Enterprise ERM

745 rows in the real fixture · 21 shown here · every column sorts & filters
All Active Pending review Closed

Details (field-level permissions: Risk Response editable by Business Head only)

Linked controls · many-to-many

Control assessed → risk re-assessed: does it lower the level?

Score history (ScoreSnapshots)

Incidents tagged

    Remediation actions

      Audit trail (append-only)

        My Work — Priya Nair

        everything assigned to you, split by type — more types can be added later
        Controls (8) Risks (5) Remediations (6) Attestations (0)

        Control assessment — CO.D01.03 "Maker-checker review of client onboarding" Open due in 3 days

        Program: Q3 Control Effectiveness · custom screen v2 · pre-filled from last cycle ✓
        onboarding_sample.xlsx attached · max 5 MB per file

        Risk assessment — RI.D02.04 "Risk of delayed processing during payout runs" Open due Jul 22

        Program: Q3 Risk Re-assessment · re-assessment 2 of 3 (max 3 per cycle) · previous current score: 4×5 = 20 High
        Linked control CO.D02.01 last assessed: Partially effective — is it lowering the risk to the right level?
        → score config v3 · was 16 High

        Remediation — "Strengthen exception report review" In progress due Jul 18

        Maker (owner)
        Aman Das
        Checker (verifier)
        Priya Nair — you
        Approver
        Vikram Rao (Risk Manager) — approved at Planned, will countersign closure
        Source
        assessment finding on RI.D02.04 · category: process improvement
        Deadline
        escalation clock follows this date
        Comments
        0 / 10,000 characters
        Attachment
        max 5 MB per file
        evidence: revised_exception_SOP.pdf

        Attestations

        Nothing pending signature for you this cycle. Rohan Iyer's Q2 attestation is on the Attestations page. Attestations can't be delegated — they appear here only for the attestor.

        Incidents

        any user can raise · severity sets TAT · tags feed accumulation alerts
        All Open Resolved Closed
        FY 2026-27 · Q2
        Click a row to open the incident. Fields below the summary are ColumnDefs — customisable per org, same engine as the register.

        Control Library

        org-wide · link to any number of risks · owners independent of risk owners
        Risk Register / Migration Studio

        Migration Studio

        customer_register.xlsx · 745 rows × 67 columns · the session saves after every stage — resume anytime · an agent pre-fills the suggestions, you confirm

        Assessments

        every run is tracked — program waves and ad-hoc launches from the register
        All Active Completed
        Launch ad-hoc runs from the Risk Register: select risks → Start assessment. Items land in each assignee's My Work.

        Items — one assessment per subject, assigned to its owner

        Details (custom fields via ColumnDef — workflow-backed,)

        Risk linkage

        SLA

        Audit trail

          Attestations — Q2 sign-off

          Rohan Iyer, Business Head · snapshot compiled Jul 01 (point-in-time)

          Quarterly Risk Ownership Certification · org template v4

          I confirm the risks below are mine, the incidents captured and assessments performed for the period are complete, and the ratings are accurate. (Click ⚑ to dispute an item.)

          RiskRatingAssessments in periodIncidents
          RI.D01.01 — Risk of incomplete verification during client onboardingMedium2 ✓0
          RI.D02.04 — Risk of delayed processing during payout runsHigh1 ✓3
          RI.D01.02 — Risk of unauthorised changes to standing dataMedium-Low1 ✓0
          signing is human-only — agents cannot

          Escalation dashboard

          multi-level chains · aging · by owner and unit
          ItemOwnerUnitOverdueLevelNext
          Control assessment — CO.D03.11Dev ShahBU 036 daysL1 notifiedL2 (manager) in 4 days
          Control assessment — CO.D02.02Kavya RaoBU 0212 daysL2 notified
          Remediation — exception reviewAman DasBU 013 daysreminderL1 in 2 days
          Attestation — Q2 (Meera Bose)Meera BoseBU 032 daysreminderL1 in 3 days
          Escalations are critical-class: they bypass digest preferences and cannot be muted.

          Admin

          everything below is configuration, not code

          Rating calibration editor — admin config, not a snapshot

          Matrix size: one active config per register — publishing replaces it (old snapshots keep their version)
          Click a cell to cycle its rating. Edits build a draft; nothing changes until published, and published changes apply to future scores only.
          active: v3 (5×5) · draft: none

          Register columns (ColumnDef) — reorder, edit-roles, add

          Column changes never touch existing rows: renames are label-only (stable keys, so saved import mappings keep working); type changes are blocked unless existing data validates; archive keeps all data and is reversible; a new required column flags old rows "incomplete" instead of blocking them.

          Severity → TAT — resolution deadline in business days, set at triage

          SeverityTAT (business days)
          Critical
          Major
          Moderate
          Minor

          Storage — usage, exports, lifecycle

          Attachments
          1.24 GB across 3,412 files · largest driver of growth
          Audit log
          338 MB · 14 monthly partitions
          Database (rows)
          212 MB
          Archive policy
          closed/completed records auto-archive after 3 years — hidden from default views and dashboards, fully queryable via the "include archived" toggle; links and audit intact
          Export bundles
          data older than 1 year exports as yearly bundles (zip + manifest hash)
          Reclaim disk
          guarded · dual-confirm · audited

          Organisation branding

          "Powered by AuditCue" stays in the footer

          Workflow sections — who edits what, per stage

          Sections group fields along the workflow. Users assigned to a section can edit only that section's fields while the record is in the matching stage — everyone keeps normal view access. Reorder, reassign editors, or add sections; the same engine drives risks and incidents.
          Risk workflow
          Incident workflow

          Email notifications — event catalogue, templates admin-editable

          My digest for routine notifications:
          Templates are variable substitution against a documented placeholder allowlist — never a code-executing engine.
          Powered by AuditCue