ST1108
To the extent information technology solutions factor into the organization’s internal controls, the organization has selected and calibrated the solutions in a manner that is appropriate to address the organization’s risk profile and compliance needs, and the organization routinely tests the…
Plain-language summary
What it actually means.
Plain-language summary forthcoming. Source text below.
Source text
As written.
To the extent information technology solutions factor into the organization’s internal controls, the organization has selected and calibrated the solutions in a manner that is appropriate to address the organization’s risk profile and compliance needs, and the organization routinely tests the solutions to ensure effectiveness.
Assessed by HEXDI
What HEXDI assesses.
- M4
4 — JURISDICTION, CLASSIFICATION, AND MARKING
Company has automated its jurisdiction, classification, and marking processes.
- M6
1 — TRANSACTION SCREENING
Company has automated its party and transaction screening process.
- M7
4 — AUTHORIZATION MANAGEMENT
Company has automated its authorization submission process.
- M7
4 — AUTHORIZATION MANAGEMENT
Company has automated its authorization implementation process.
- M7
4 — AUTHORIZATION MANAGEMENT
Company has automated its authorization maintenance process.
- M7
4 — AUTHORIZATION MANAGEMENT
Company has automated its notification and reporting process.
Related
Other DOT standards.
Source & revisions
- First mapped
- Jun 8, 2022
- Last updated
- May 26, 2026 (29m ago)
- Source
- Framework for OFAC Compliance Commitments