Controls are policies, procedures, practices, or mechanisms implemented to manage or mitigate risks and ensure adherence to standards, laws, regulations, and internal policies. They act as safeguards to reduce potential threats to an organization, ensuring compliance with relevant standards and reducing the likelihood of adverse events.
There will be controls mapped to the standards. The controls with ID which starts with COMP are standard controls from COMPASS. These controls will be automatically changed and pushed in accordance with the global changes in the Standards. Custom Controls are controls which can be created by the organization according to their needs. The name of the custom controls will start with the organization name. For e.g. if your organization name is Alpha, the ID will start with ALPH.
To learn more about controls, refer .