Controls

Controls is the register of the SOC 2 control objectives the institution commits to -- security, availability, confidentiality and processing-integrity measures -- each tracked for status and ownership. It frames what the institution must prove and ties each control to its evidence. Compliance leads use it to manage readiness across the trust criteria.

Controls
Controls — live screen from the BridgeERP MFI Suite.

Workflow

  1. Open MFI > Configuration > Tools > SOC 2 > Controls
  2. Review the registered control objectives and owners
  3. Open a control to see its description and status
  4. Link the relevant evidence collected for it
  5. Track gaps and assign remediation owners

Fields reference

Every field on this screen, drawn from the live data model.

FieldTypeRequiredDescription
Collector
collector
TextName of the method on mfi.soc2.evidence that collects evidence for this control (e.g. 'collect_mfa_coverage').
Name
name
TextYesName
Code
code
TextYesCode
Tsc
tsc
Choice: Common Criteria, Availability, Confidentiality, Processing Integrity, PrivacyYesTsc
Description
description
Long textDescription
Cadence
cadence
Choice: Daily, Weekly, Monthly, QuarterlyCadence
Active
active
Yes/NoActive

Notes & rules

  • Model mfi.soc2.control -- control register
  • Key fields: control objective, owner, status
  • Related: Evidence, Audit Logs
  • Used by compliance and security leads

Technical model: mfi.soc2.control · Record: SOC 2 control

Was this page helpful?