Restrict View privileges to Controls
Controls do not belong to divisions or registers like risks, but you can still restrict who can view a control by following the below steps.
First create a new group
In the admin section under Administration / Authentication click on add for Groups
Give the new group a unique name that relates to how you want to define users. Such as Division IT, and then you can create further groups for other divisions.
To help locate the group prefix it with CTL: for control, then when you searching for control groups you can enter CTL in the search bar.
ADD the privilege "Add new Control Category" to this group and then save.
Repeat this process for all the different divisions or groupings required
Next go to Controls
Under the Controls tab, open Data and click on controls.
Select the control you want to work with by clicking on the reference number
Click on the Properties bar of the control.
Under moderator groups select the relevant group, in this case it is view division x.
Then Save.
Give users who you want to view that control the same group.
WARNING
if you give a user higher control privileges or assign them to groups that contain higher privileges, the view privilege will be over-ridden by the higher privilege. For this to work the users must not have any permission to view or edit controls in general.