Policies and Controls
Policies define governance requirements. Controls are the specific requirements within a policy that teams implement, monitor, declare against, and review.
Policy Library
Section titled “Policy Library”The policy library is the organization-level view of available policies. Privileged users can create policy templates and apply policies to selected projects.
Applied Policies
Section titled “Applied Policies”When a policy is applied to a project, Governance Studio creates a project policy instance. That instance tracks project-specific status, evidence, declarations, reviews, indicators, certificates, and archive state.
Controls
Section titled “Controls”Controls are reviewed inside an applied policy. Each control can include:
- Control title, code, description, and citations.
- Implementation or monitoring status.
- Declarations submitted by authorized users or automated workers.
- Reviews created by reviewers.
- Evidence attachments.
- Indicator configuration and evaluation history.