HomeGuidesAPI ReferenceChangelog
Log In
Guides

Exceptions

Exceptions Module

This page contains information to assist our customers with utilizing the Exceptions module in RegScale. It describes what it is, why you would use it, the benefits, and provides instructions on getting started.

What is it?

A exception is the process of providing temporary relief for a non-compliant requirement or control.

Why would you use it?

Exceptions are commonly used to justify the basis for non-compliance with organizational policy. There are many reasons to manage exceptions which include:

  • Document the justification for the exception to include things such as:
    • Technical feasibility
    • Cost feasibility
    • Risk assessment
    • Compensatory controls and mitigations
  • Provide workflows for review and approval
  • Provide lifecycle management for exception expiration dates

What are the benefits?

A strong exception management program results in multiple benefits for an organization; to include:

  • Document the justification for the exception for defending to auditors
  • Improve accountability for approving policy exceptions
  • Avoid expired exceptions that may result in audit findings and non-compliances
  • Reduce risks associated with non-compliances

How do I use it?

The exception module in RegScale Community Edition (CE) provides a number of key features that are useful in managing a robust program, to include:

  • Tracking approval and expiration dates for lifecycle management
  • Tracking the status of exceptions (i.e. Approved, Draft, Pending Approval, Expired, etc.)
  • Conducting risk assessments related to exceptions
  • Tracking related tasks and evidence
  • Assigning ownership of policy/control/requirement exceptions
  • Real-time tracking and dashboards
  • Automation via our Application Programming Interfaces (APIs)
  • Single pane of glass assignment tracking via our work bench
  • Automated workflows for review and approval
  • Interactive timeline builder
  • Social collaboration via our News Feed (LinkedIn for Compliance) and real-time commenting system
  • Secure evidence management with our file upload and encryption system
  • Audit history including every view, update, print, email, etc.
  • Calendar view to see exceptions expiring within any given period

For our Enterprise Edition (EE) customers, you get all the great features above, plus we add:

  • Ability to create custom fields to extend the schema and build out customer specific data entry forms
  • Integration with Microsoft Teams and Slack for real-time collaboration
  • Ability to host a multi-tenant version to segregate data by site, customer, organization, etc. to run many different exception management programs with complete data isolation from a single installation
  • Real-time interactive dashboard with Microsoft PowerBI AddOn