Which of the following is a commonly configured choice list on the Control Objective Table form?

Classification is used to categorize control objectives within the Control Objective table, giving you a standardized taxonomy for organizing them across the IRM program. By configuring this as a predefined picklist, you ensure all control objectives are labeled consistently, which makes reporting, filtering, and risk aggregation much more reliable. When you classify objectives, you can group related controls, map them to regulatory domains, and quickly identify coverage gaps by domain (for example, Security, Privacy, or Operations). This consistent taxonomy is essential for clear dashboards, risk heat maps, and audit-ready documentation. Description is typically free text, so it isn’t a predefined choice list. Category and Type can exist as fields, but they’re not as central to ensuring a uniform risk taxonomy and cross-record consistency as Classification.