# Controls

A **control** in Sprinto is a specific measure or safeguard that addresses a compliance, security, or operational requirement. Controls help your organisation meet industry standards, frameworks, and regulatory mandates.

Once a control is created—either by default through a mapped framework or as a custom control—you can manage it to keep it relevant and aligned with your compliance needs. This includes updating its details, mapping or unmapping checks, and managing linked frameworks and criteria.

### Why Managing Controls is Important

Managing controls is not a one-time activity—it is an ongoing process. Business processes, technology stacks, and regulatory landscapes change over time. Regularly reviewing and updating controls helps you:

* Ensure that compliance requirements are always met
* Maintain accurate mapping to frameworks and criteria
* Avoid unnecessary checks or redundant control monitoring
* Deactivate controls that are obsolete or no longer in scope
* Provide auditors with clear, up-to-date evidence of compliance coverage

### Actions Available When Managing a Control

<table><thead><tr><th width="199.28125">Action</th><th>Purpose</th></tr></thead><tbody><tr><td><strong>Map/Unmap Checks</strong></td><td>Link relevant monitoring checks to the control to verify its effectiveness, or remove checks that are no longer needed. Checks can be searched, filtered, and mapped in bulk.</td></tr><tr><td><strong>Edit Control Details</strong></td><td>Update the control’s name, description, category, or configuration to reflect internal changes or regulatory updates.</td></tr><tr><td><strong>Disable Control</strong></td><td>Temporarily deactivate a control if it is under review, or permanently disable it if it is no longer applicable. This helps keep your compliance environment clean and focused.</td></tr><tr><td><strong>Manage Mapped Frameworks</strong></td><td>View, add, or remove frameworks associated with the control to ensure the right compliance standards are covered.</td></tr><tr><td><strong>Map Framework Criteria</strong></td><td>Select specific clauses or requirements from a framework that the control satisfies. This provides traceability and proof of compliance during audits.</td></tr></tbody></table>

### Example Use Cases

<table><thead><tr><th width="129.6640625">Scenario</th><th>Action Taken</th><th>Benefit</th></tr></thead><tbody><tr><td><strong>Compliance Alignment</strong></td><td>Add a new framework to an existing control and map its criteria.</td><td>Avoids duplicating controls while ensuring new regulatory requirements are met.</td></tr><tr><td><strong>Operational Change</strong></td><td>Unmap outdated checks and replace them with relevant ones.</td><td>Keeps monitoring activities aligned with current operational practices.</td></tr><tr><td><strong>Framework Optimisation</strong></td><td>Remove a retired framework while retaining links to other active frameworks.</td><td>Streamlines compliance coverage and reduces unnecessary framework management.</td></tr></tbody></table>

### Benefits of Regular Control Management

By consistently reviewing and managing your controls, you gain:

* **Audit Readiness:** Always have up-to-date framework mappings and checks for faster, smoother audits.
* **Risk Reduction:** Ensure no gaps exist in compliance coverage due to outdated control details.
* **Efficiency:** Reduce overhead by disabling unnecessary controls and streamlining monitoring activities.
* **Clarity:** Maintain clear associations between controls, checks, and framework requirements.