Control Tasks can be accessed by clicking Open on any control, as shown below. This will open up a new page dedicated solely to that control.

Let's review control 5.1 for Cyber Essentials.

Control Details

Let's go through each section here:

Control Title

An outline of what the control requires

Implementation Status

A status tag showing whether the control has been started, paused, outscoped, or is complete

Auditor Approval

Indicates whether the control is either pending review by an auditor, has been accepted by an auditor,

Evidence Guidance

Outlines what evidence should be attached to the control to prove that it has been met

Control Evidence

Displays any attached evidence

Last Updated

A timestamp of when the control was last actioned

Completed

A percentage indicator of your current alignment with the controls

Changing Control Status and Updating Evidence

Underneath the control details you will find two buttons. These allow you to change the status of the control, and manage the evidence associated with it.

Update Control Status

Selecting this button will open a new window where you can change the status and scope of the control. Let's review this area:

Full Name - This name will be recorded in the audit log so your business can keep track of which user is changing controls
Implementation Status - Set the control to Not Started, In Progress, Completed, or Outscoped.
Scope - Set the control as either Inscope or Outscoped. (Setting a control as outscoped means that you believe it does not apply to your organisation. This can be for a variety of reasons)
Confirmation - A simple checkbox to confirm that the status change is correct
Signature - Either a written or typed signature by an authorised user to confirm the status change.

Manage Evidence

This option allows you to upload any evidence you wish to be linked to this control. In this example, Cyber Essentials 5.1, the Evidence Guidance suggests that a PDF, of an up-to-date inventory list of installed applications/services which has been annotated to show any removed services or applications, would be sufficient to meet the control evidence requirements.

Control Submenus

Underneath the Update Control Status and Manage Evidence buttons you will find multiple important pages related to the control, as shown below. Let's go through each of them one by one.

Tasks - Technical & Tasks - Operational

This area will list contain a list of tasks that relate to various technical and operational elements of your organisation.

Technical tasks represent gaps in your security posture that have been automatically detected by the OneClickComply platform, and should be remediated as soon and possible. Completing these tasks will bring your settings and controls into alignment with the control, thus bringing you closer to overall compliance with your chosen standard(s). See below for an example:

Operational tasks are administrative actions that you will need to complete and evidence as part of compliance with both the control and overall standard.

To learn more about completing control tasks, click here.

Uploaded evidence

This area allows you to view all of the evidence that has been uploaded for the control. This includes evidence that has been uploaded to meet the requirements of a task.

Discussion

The Discussion area allows users to comment on individual controls, enabling conversations to take place for each control. You can even attach files to comments.

Audit Logs

Lastly, the Audit Logs are a comprehensive record of everything that has taken place in regards to this control. This includes, but is not limited to: users changing the status, uploading evidence, auditors marking a control, and tasks being completed.

Updated on: 26/06/2025