Which of the following records does not have a lifecycle?

Control Objectives are conceptual frameworks that guide the establishment of controls within an organization. They outline what needs to be achieved in terms of risk management and compliance but do not exist as discrete records with a defined lifecycle. Unlike policies, control exceptions, and controls, which typically go through creation, implementation, monitoring, and possibly revision phases, control objectives are more static and serve as a guideline rather than a tangible record that is managed through various lifecycle stages.

On the other hand, policies are formal documents that establish directives and are subject to versioning and periodic review. Policy exceptions are specific deviations from policies that are documented and can be tracked through a lifecyle, often requiring approval and follow-up actions. Controls, which are put in place to meet the objectives outlined by policies, also have a lifecycle that includes development, assessment, and maintenance phases.

In this context, the distinct nature of Control Objectives as guidelines rather than as records with their own lifecycle makes them the correct answer.