Notifications
digest: weekly · critical bypasses
Mark all read
Dashboard
Org default · click any number to drill through
Active risks
—
across 1 register (demo)
High-rated
—
1 above appetite threshold
Overdue / escalated
4
1 at management level 2
Attestation coverage
82%
Q2 cycle · 2 pending signature
Risk Register — Enterprise ERM
745 rows in the real fixture · 21 shown here · every column sorts & filters
All
Active
Pending review
Closed
Details (field-level permissions: Risk Response editable by Business Head only)
Linked controls · many-to-many
Control assessed → risk re-assessed: does it lower the level?
Score history (ScoreSnapshots)
Incidents tagged
Remediation actions
Audit trail (append-only)
My Work — Priya Nair
everything assigned to you, split by type — more types can be added later
Controls (8)
Risks (5)
Remediations (6)
Attestations (0)
Control assessment — CO.D01.03 "Maker-checker review of client onboarding" Open due in 3 days
Program: Q3 Control Effectiveness · custom screen v2 · pre-filled from last cycle ✓
onboarding_sample.xlsx attached · max 5 MB per file
Risk assessment — RI.D02.04 "Risk of delayed processing during payout runs" Open due Jul 22
Program: Q3 Risk Re-assessment · re-assessment 2 of 3 (max 3 per cycle) · previous current score: 4×5 = 20 High
Linked control CO.D02.01 last assessed: Partially effective — is it lowering the risk to the right level?
→ score config v3 · was 16 High
Remediation — "Strengthen exception report review" In progress due Jul 18
Maker (owner)
Aman Das
Checker (verifier)
Priya Nair — you
Approver
Vikram Rao (Risk Manager) — approved at Planned, will countersign closure
Source
assessment finding on RI.D02.04 · category: process improvement
Deadline
escalation clock follows this date
Comments
0 / 10,000 characters
Attachment
max 5 MB per file
evidence: revised_exception_SOP.pdf
Attestations
Nothing pending signature for you this cycle. Rohan Iyer's Q2 attestation is on the Attestations page. Attestations can't be delegated — they appear here only for the attestor.
Incidents
any user can raise · severity sets TAT · tags feed accumulation alerts
All
Open
Resolved
Closed
FY 2026-27 · Q2
Click a row to open the incident. Fields below the summary are ColumnDefs — customisable per org, same engine as the register.
Control Library
org-wide · link to any number of risks · owners independent of risk owners
Risk Register / Migration Studio
Migration Studio
customer_register.xlsx · 745 rows × 67 columns · the session saves after every stage — resume anytime · an agent pre-fills the suggestions, you confirm
Assessments
every run is tracked — program waves and ad-hoc launches from the register
All
Active
Completed
Launch ad-hoc runs from the Risk Register: select risks → Start assessment. Items land in each assignee's My Work.
Items — one assessment per subject, assigned to its owner
Details (custom fields via ColumnDef — workflow-backed,)
Risk linkage
SLA
Audit trail
Attestations — Q2 sign-off
Rohan Iyer, Business Head · snapshot compiled Jul 01 (point-in-time)
Quarterly Risk Ownership Certification · org template v4
I confirm the risks below are mine, the incidents captured and assessments performed for the period are complete, and the ratings are accurate. (Click ⚑ to dispute an item.)
| Risk | Rating | Assessments in period | Incidents | |
|---|---|---|---|---|
| RI.D01.01 — Risk of incomplete verification during client onboarding | Medium | 2 ✓ | 0 | |
| RI.D02.04 — Risk of delayed processing during payout runs | High | 1 ✓ | 3 | |
| RI.D01.02 — Risk of unauthorised changes to standing data | Medium-Low | 1 ✓ | 0 |
signing is human-only — agents cannot
Escalation dashboard
multi-level chains · aging · by owner and unit
| Item | Owner | Unit | Overdue | Level | Next |
|---|---|---|---|---|---|
| Control assessment — CO.D03.11 | Dev Shah | BU 03 | 6 days | L1 notified | L2 (manager) in 4 days |
| Control assessment — CO.D02.02 | Kavya Rao | BU 02 | 12 days | L2 notified | — |
| Remediation — exception review | Aman Das | BU 01 | 3 days | reminder | L1 in 2 days |
| Attestation — Q2 (Meera Bose) | Meera Bose | BU 03 | 2 days | reminder | L1 in 3 days |
Escalations are critical-class: they bypass digest preferences and cannot be muted.
Admin
everything below is configuration, not code
Rating calibration editor — admin config, not a snapshot
Matrix size:
one active config per register — publishing replaces it (old snapshots keep their version)
Click a cell to cycle its rating. Edits build a draft; nothing changes until published, and published changes apply to future scores only.
active: v3 (5×5) · draft: none
Register columns (ColumnDef) — reorder, edit-roles, add
Column changes never touch existing rows: renames are label-only (stable keys, so saved import mappings keep working); type changes are blocked unless existing data validates; archive keeps all data and is reversible; a new required column flags old rows "incomplete" instead of blocking them.
Severity → TAT — resolution deadline in business days, set at triage
| Severity | TAT (business days) |
|---|---|
| Critical | |
| Major | |
| Moderate | |
| Minor |
Storage — usage, exports, lifecycle
Attachments
1.24 GB across 3,412 files · largest driver of growth
Audit log
338 MB · 14 monthly partitions
Database (rows)
212 MB
Archive policy
closed/completed records auto-archive after 3 years — hidden from default views and dashboards, fully queryable via the "include archived" toggle; links and audit intact
Export bundles
data older than 1 year exports as yearly bundles (zip + manifest hash)
Reclaim disk
guarded · dual-confirm · audited
Organisation branding
"Powered by AuditCue" stays in the footer
Workflow sections — who edits what, per stage
Sections group fields along the workflow. Users assigned to a section can edit only that section's fields while the record is in the matching stage — everyone keeps normal view access. Reorder, reassign editors, or add sections; the same engine drives risks and incidents.
Risk workflow
Incident workflow
Email notifications — event catalogue, templates admin-editable
My digest for routine notifications:
Templates are variable substitution against a documented placeholder allowlist — never a code-executing engine.
Powered by AuditCue