Sprinto Dashboard

Resolve Sprinto Check for Periodic Review of Org Chart

Learn how to resolve Sprinto’s monitor for periodic review of the organisational chart and role mappings.

Sprinto raises this monitor when it detects that your organisation has not recently reviewed or updated its organisational hierarchy, reporting structure, or mapped roles. Periodic reviews of the org chart help ensure that job titles, reporting relationships, and responsibilities remain accurate—especially after staff changes, restructuring, or expansion.

This check is essential for maintaining governance across access control, role-based workflows, and audit readiness.

Why this matters

An outdated org chart can result in:

  • Incorrect role-based access assignments

  • Missed responsibilities in policy ownership or task delegation

  • Delayed offboarding due to unknown reporting managers

  • Gaps in risk accountability or evidence approvals

Compliance frameworks such as ISO 27001 (A.6.1.1, A.7.1.2) and SOC 2 (CC1.3, CC6.1) require organisations to maintain up-to-date role and responsibility mappings.

What Sprinto checks

Sprinto evaluates whether:

  • Reporting managers are correctly assigned to staff

  • Key roles (e.g., policy owner, evidence approver, control owner) are mapped

  • Org chart updates are documented periodically (e.g., quarterly or semi-annually)

When does the monitor fail?

Reason for Failure
Description

No recent update to org chart

Org chart has not been reviewed or updated in the last quarter

Unassigned or incorrect reporting managers

Staff members have no reporting manager or are assigned incorrectly

Role mappings missing or outdated

Roles like policy owner or control owner not correctly mapped

How to Resolve

  1. Review current org chart

    • Navigate to People > Staff

    • Check if each staff member has an assigned Reporting Manager

  2. Update role and reporting mappings

    • Go to People > Roles & Responsibilities

    • Assign or update roles such as:

      • Policy Owner

      • Control Owner

      • Evidence Approver

      • Risk Owner

  3. Document the review

    • Create a timestamped record or screenshot of the updated structure

    • Ensure that future reviews are scheduled (e.g., quarterly)

  4. Upload evidence in Sprinto

    • Upload a screenshot of the updated org chart and role mappings

    • Use the Mark as Resolved option to clear the monitor

Accepted Evidence

Type
Description

Org chart screenshot

Export from HRMS or staff hierarchy in Sprinto

Role mapping screenshot

Roles assigned in Roles & Responsibilities tab

Timestamped update log

Record showing last reviewed/updated date

Best Practices

  • Align org chart reviews with quarterly compliance reviews

  • Automate updates by integrating with your HRMS (e.g., BambooHR, Gusto)

  • Periodically export and archive org chart changes for audit traceability

PreviousVulnerability Management MonitorsNextClose Reported Incidents Within Defined Timelines

Last updated