When we perform our compliance assessments (using compliance themes and requirement evaluations), and assessor wants to associate a policy (or procedure) to the requirement eval the user (assessor) has to:
1) come out of the requirement evaluation task view
2) navigate to the requirement task view
3) find the relevant requirement
4) perform the association to the relevant policy and procedure
5) return back to the requirement evaluation task view to continue their assessment
We understand that this is because the policy (and procedure) object types only have a direct relationship with requirement object type, and not also with the requirement evaluation object type.
We suggest the policy and procedure object types have the same relationship with the requirement eval object type as the control object type.
Do not place IBM confidential, company confidential, or personal information into any field.