Security & Compliance
Lynx Compliance - Govern (Policies, Attestations, Risk, Vendors)
Policy register with versions + CISO attestations via lynx_sign; risk register; vendor/supply-chain risk assessments. Covers NIST CSF 2.0 GV.* controls.
lynx_compliance_govern
· v19.0.1.4.0
· Premium
What this solves
Lynx Compliance - Govern
Run a real ISMS - policies, risk, vendor due diligence - on the same record store as your control catalog, so governance evidence flows into audits automatically.
The GOVERN function of NIST CSF 2.0 is where most teams keep a Word folder, an Excel risk register, and a vendor questionnaire spreadsheet. This module replaces all three with versioned policies, a 5x5 risk register, and supply-chain assessments living next to the controls they satisfy. CISO attestations are captured through lynx_sign, and every policy version becomes a selectable evidence target on compliance.control.assessment.
Key Features
Versioned policy register - lynx.policy and lynx.policy.version track drafts, the active version, and scheduled reviews.
CISO attestation via lynx_sign - one-click sign-off; the resulting signature becomes live evidence on linked controls.
5x5 risk register - lynx.risk records inherent and residual scoring, owner, treatment plan, and target date.
Risk treatments - lynx.risk.treatment captures the concrete actions taken to reduce each risk.
Vendor / supply-chain assessments - lynx.vendor.assessment tracks vendor scope, last review, next due, and overall rating (GV.SC controls).
Control wiring - the assessment policy_ref accepts policy versions so officers point any control at its governing document.
Integrates With
lynx_compliance - policies and risks attach to controls as evidence.
lynx_sign - signed CISO attestations on policy activation.
Try Lynx Compliance - Govern (Policies, Attestations, Risk, Vendors) on your team.
Free trial, no credit card. Talk to sales when you're ready.