Working in Controls

This page shows you how to use the Controls module for risk, control, and remediation work.

Product: Beam Machine
Module: Controls
Role: Internal Auditor, Control Owner, Risk Lead, Compliance Reviewer
Difficulty: Intermediate
Time: 10 minutes first read
Last Updated: 2026-03-10
Version: Current Beam Machine app build in this repo

Before You Start

• You should know the active entity.
• You should know whether your task is risk review, matrix review, gap tracking, or compliance review.
• Keep ../15-payroll-audit-controls-and-advisory.md open if you need the wider specialist-module view.

What is Controls?

This module is the control-environment workspace. On paper, this would be the risk register, control matrix, gap tracker, and compliance report pack.

In Beam Machine, it lives under Controls.

When do you use this?

Use this module when:

• you need to review control coverage,
• control effectiveness must be checked,
• remediation gaps must be tracked,
• or compliance summaries must be reviewed.

If risks, controls, and gaps are managed in different places, nobody has a clean view of the real control environment.

Where do you find it?

Primary path: Professional -> Controls
Detailed routes:

• /dashboard/controls
• /dashboard/controls/risks
• /dashboard/controls/matrix
• /dashboard/controls/gaps
• /dashboard/controls/compliance

How to work in Controls

Review the controls dashboard

1. Open Controls.
2. Review total risks, total controls, open gaps, and pending remediations.
3. Open the specific work area that matches your task.

Review the control matrix

1. Open Controls -> Control Matrix.

2. Review:

   • control reference
   • objective
   • type
   • frequency
   • risk category
   • key-control flag
   • effectiveness rating
   • gap count

3. Use this page when you need the full control picture instead of a single issue record.

Review gaps and compliance

1. Open Gap Analysis to review control gaps, severity, and remediation tracking.
2. Open Compliance for the compliance summary view.

✅ Checkpoint: You should now know whether your work is about the risk register, the control library, the gap tracker, or compliance summary.

Common Questions & Issues

"The control exists, but testing is weak"

Why this happens: The matrix can show controls that are not yet fully tested or only partially effective.

Fix: Review the effectiveness state and gap count before telling the business the control is healthy.

"Can I use gaps as my only view?"

Why this happens: Users jump straight to the problem list.

Fix: Use Gap Analysis together with Control Matrix so you understand the control context, not just the symptom list.

What's Next

• Read 19-working-in-audit.md if the control work came from audit findings.
• Read 18-working-in-esg.md if the control issue sits in a wider reporting or governance workflow.

Related Pages

• ../09-assurance-and-advisory.md
• ../98-screen-map.md
• ../99-functionality-gap-map.md

SA Compliance Reference

• Follow your internal control framework, governance policy, and remediation signoff process.

Still Stuck?

• Check the route in ../98-screen-map.md.
• Contact support: support@veva.co.za

Was this page helpful?

[Yes] [No]