# Perform and Submit Senior Management Reviews
Sprinto assigns periodic review responsibilities to senior management as part of maintaining compliance with frameworks like SOC 2, ISO 27001, and GDPR. These reviews validate the work completed by Infosec Officers across areas such as policies, organisational structure, risk management, and vendor assessments.
Each review is presented as a monitor that runs on a fixed cycle (usually every 12 months) and appears under the **Senior management** tab in the **Reviews** section.
***
### Before you begin
* Ensure that you are assigned the **Senior Management** role in Sprinto.
* Verify that the prerequisite actions have been completed by the Infosec Officer:
* Policies have been created and shared.
* Organisation chart is populated with staff roles and reporting hierarchy.
* Risk assessments and vendor due diligence have been completed.
***
### Perform a senior management review
1. Go to **Data Library > Reviews > Senior management**.
2. Locate the review card you want to complete (e.g. Policy Review, Org Structure Review).
3. Click **Finish pending review**.
You’ll now see a modal with the relevant data for review. Follow the section-specific guidance below.
***
#### Policy Review
* Click **View** next to each policy to read its contents.
* Add any **review comments** if policies need updates.
* Tick the confirmation checkbox:\
\&#xNAN;*I confirm that the policies listed above are accurate and complete*.
* Click **Submit Review**.
***
#### Org Structure Review
* Review the displayed reporting hierarchy.
* Address any warnings such as *"No manager assigned yet"*.
* Add optional comments under **Review comments**.
* Tick the confirmation checkbox:\
\&#xNAN;*I confirm that the org structure shown above is accurate and complete*.
* Click **Submit Review**.
***
#### Risk Assessment Review
* View the list of assessed risks, risk scores, and mitigation status.
* Validate the **effective residual risk** values and owner assignments.
* Add review comments if required.
* Confirm by checking:\
\&#xNAN;*I have reviewed the risk assessment above*.
* Click **Submit Review**.
***
#### Vendor Assessment Review
* Review the full list of vendors, their risk classification, and due diligence status.
* Click on individual vendors for detailed assessments.
* Validate that all high-risk vendors have completed due diligence.
* Confirm by checking:\
\&#xNAN;*I have reviewed all the vendors and their risks listed above and confirm they are accurate and complete*.
* Click **Submit Review**.
***
### View completed reviews
1. On any review card, click **View completed reviews**.
2. You can inspect:
* Past reviewers and their actions.
* Submitted comments.
* Evidence uploads (if applicable).
This helps maintain an audit trail and ensures transparency in the review process.
***
### Monitor review status
Status
Meaning
Passing
Review completed and submitted successfully.
Due
Review is pending but within the SLA window.
Critical
Review is due within the next 7 days.
Failing
Review has breached the SLA or was never completed.
---
# Agent Instructions: Querying This Documentation
If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.
Perform an HTTP GET request on the current page URL with the `ask` query parameter:
```
GET https://docs.sprinto.com/data-library/reviews/dashboard-actions/perform-and-submit-senior-management-reviews.md?ask=
```
The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.
Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.