Use This Doc For
/compliance/controls/compliance/controls/[id]/compliance/evidence/compliance/evidence/[id]
Workflow
- Review the control objective first.
- Check the evidence expected to prove that control.
- Record missing evidence as a gap or corrective action instead of silently accepting drift.
What To Watch
- evidence collected without being tied to a specific control
- controls that look complete but have stale or weak evidence
- route users confusing document storage with actual control operation
Edit this page on GitHub
