Skip to content

Findings & Actions🔗

Purpose🔗

Findings and Actions form the central task and action management of the GRASP GRC Suite.
They are used across various modules – e.g. risk management, audit or IT baseline protection – and enable unified control over to-dos, responsibilities and deadlines.

Typical Workflow🔗

  • A module (e.g. risk or audit) creates a finding.
  • One or more actions are created or linked to this finding.
  • Actions have responsible persons, optional approvers, priority and due date.
  • Email notifications and status fields keep you informed about the processing status.

Details on creating and editing an action can be found in the Treatment Plan section of risk management or in the Execution & Evaluation section of the audit module.