Controls

Controls checks are a special category of Policy Checks.

Unlike traditional checks that validate a single configuration object or state of your app, Controls evaluate whether a governance process is operating effectively over time.

Each Control represents a defined governance objective — for example:

  • GOV_0001 – Change Management

Controls are evaluated continuously based on audit events and lifecycle activity within your apps and environments.

Where standard policy checks answer:

“Is this specific condition true?”

Controls answer:

“Is this governance process functioning correctly and consistently?”


How Controls Work

Each Control is evaluated based on two configurable dimensions:

  1. Coverage Profile

  2. Environment Scope

Together, these determine how rigorously the control is assessed and where it applies.


Coverage Profile

A Coverage Profile defines how a specific control is evaluated within AppControl.

For each control (such as GOV_0001 – Change Management), you select one Coverage Profile. The selected profile determines:

  • Which audit events are required as evidence

  • What governance conditions must be met

  • How strictly the control is evaluated

Coverage Profiles allow you to align the control with your required level of assurance — from basic traceability to strict separation-of-duties enforcement.

In other words:

The control defines what must be governed. The coverage profile defines how rigorously it must be evidenced.


How Coverage Profiles Are Evaluated

When a Coverage Profile is selected, AppControl continuously evaluates compliance by analyzing audit events associated with the app and its environments.

Evaluation happens in three layers:

1. Evidence Presence

AppControl verifies that all required evidence event types defined in the profile are present.

Example:

  • If CHANGE_APPROVED is required, deployments without approval evidence will cause the control to fail.


2. Event Relationships

Some profiles require specific relationships between events, not just their existence.

Examples:

  • A revision change must be linked to a deployment.

  • A deployment must be associated with an approval.

  • A configuration change must be linked to a release.

  • A change review must be associated with the release it governs.

If required relationships are missing, the control will not meet the selected Coverage Profile.


3. Policy Validation

For stricter profiles, AppControl evaluates governance conditions such as:

  • Approval before deployment

  • Rollback registration

  • Separation of duties (review evidence independent of approval)

These checks are executed automatically through Compliance Policies that analyze the underlying audit events.


Compliance Outcome

Based on the evaluation, AppControl determines whether the control is:

  • Compliant — All required evidence and relationships are present

  • Non-Compliant — Required governance conditions are not met

The stricter the Coverage Profile, the more evidence and governance validation is required.


Environment Scope

Each Control also includes an Environment Scope setting.

Environment Scope defines which types of environments are evaluated for compliance with the selected Coverage Profile.

For example, you may choose to apply a control to:

  • Production only

  • Production and Acceptance

  • All environments

This allows you to:

  • Enforce stricter governance in Production

  • Apply lighter requirements in Development

  • Align control enforcement with risk level

Compliance is evaluated only for environments included in the defined scope.


Continuous Evaluation

Controls are not evaluated once — they are evaluated continuously.

As new audit events are generated (deployments, approvals, configuration changes, reviews, rollbacks, etc.), AppControl automatically re-evaluates the control against the selected Coverage Profile and Environment Scope.

This enables:

  • Continuous compliance monitoring

  • Immediate visibility into control failures

  • Ongoing assurance rather than periodic assessment
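The following is an added worked example, not AppControl's own code or audit-event schema, that models how the three evaluation layers (evidence presence, event relationships, policy validation), the Environment Scope filter and re-evaluation on newly arriving events fit together. Everything beyond the CHANGE_APPROVED event type named above is an assumption made for the example: the other event types (DEPLOYMENT, CHANGE_REVIEWED, ROLLBACK_REGISTERED), the profile names, linking related events through a shared `release_id`, and ordering events by a `seq` number. The sample audit log is constructed.

```python
from dataclasses import dataclass


# Constructed audit-event model for this example (AppControl's real schema is not shown on the page).
@dataclass(frozen=True)
class AuditEvent:
    seq: int            # position in the audit log; lower seq happened earlier
    event_type: str     # e.g. "DEPLOYMENT", "CHANGE_APPROVED"
    environment: str    # e.g. "Production", "Acceptance", "Development"
    actor: str          # user who produced the evidence
    release_id: str     # assumed link between the events that belong to one change


# Layer 3 policies: each takes in-scope events grouped by release and returns findings.
def approval_before_deployment(by_release):
    findings = []
    for release_id, events in by_release.items():
        approvals = [e for e in events if e.event_type == "CHANGE_APPROVED"]
        for deployment in (e for e in events if e.event_type == "DEPLOYMENT"):
            # an approval only counts if it was recorded before the deployment
            if not any(a.seq < deployment.seq for a in approvals):
                findings.append(f"{release_id}: DEPLOYMENT (seq {deployment.seq}) "
                                "not preceded by CHANGE_APPROVED")
    return findings


def separation_of_duties(by_release):
    findings = []
    for release_id, events in by_release.items():
        approvers = {e.actor for e in events if e.event_type == "CHANGE_APPROVED"}
        reviewers = {e.actor for e in events if e.event_type == "CHANGE_REVIEWED"}
        # review evidence must be independent of approval: one person may not do both
        for actor in sorted(approvers & reviewers):
            findings.append(f"{release_id}: {actor} both reviewed and approved the change")
    return findings


POLICIES = {"approval_before_deployment": approval_before_deployment,
            "separation_of_duties": separation_of_duties}

# Coverage Profiles from basic traceability to strict separation-of-duties enforcement.
# Profile names are assumed for this example.
PROFILES = {
    "traceability": {
        "required_events": {"DEPLOYMENT"},
        "relationships": [],
        "policies": [],
    },
    "approved_changes": {
        "required_events": {"DEPLOYMENT", "CHANGE_APPROVED"},
        "relationships": [("DEPLOYMENT", "CHANGE_APPROVED")],
        "policies": ["approval_before_deployment"],
    },
    "separation_of_duties": {
        "required_events": {"DEPLOYMENT", "CHANGE_APPROVED", "CHANGE_REVIEWED", "ROLLBACK_REGISTERED"},
        "relationships": [("DEPLOYMENT", "CHANGE_APPROVED"),
                          ("DEPLOYMENT", "CHANGE_REVIEWED"),
                          ("DEPLOYMENT", "ROLLBACK_REGISTERED")],
        "policies": ["approval_before_deployment", "separation_of_duties"],
    },
}


def evaluate_control(events, profile_name, environment_scope):
    """Return ("Compliant" | "Non-Compliant", findings) for one control."""
    profile = PROFILES[profile_name]
    # Environment Scope: only events from in-scope environments count as evidence
    in_scope = [e for e in events if e.environment in environment_scope]
    findings = []

    # Layer 1: evidence presence - every required event type must appear at least once
    present = {e.event_type for e in in_scope}
    for required in sorted(profile["required_events"] - present):
        findings.append(f"missing evidence: no {required} event in scope")

    # Layer 2: event relationships - the related event must exist for the same release
    by_release = {}
    for e in in_scope:
        by_release.setdefault(e.release_id, []).append(e)
    for subject_type, related_type in profile["relationships"]:
        for e in in_scope:
            if e.event_type == subject_type and not any(
                    r.event_type == related_type for r in by_release[e.release_id]):
                findings.append(f"{e.release_id}: {subject_type} has no linked {related_type}")

    # Layer 3: policy validation over the linked events
    for policy_name in profile["policies"]:
        findings.extend(POLICIES[policy_name](by_release))

    return ("Compliant" if not findings else "Non-Compliant"), findings


# Constructed sample audit log: a fully governed Production release and an
# unapproved Development deployment.
SAMPLE_EVENTS = [
    AuditEvent(1, "CHANGE_REVIEWED", "Production", "bob", "REL-1"),
    AuditEvent(2, "CHANGE_APPROVED", "Production", "alice", "REL-1"),
    AuditEvent(3, "DEPLOYMENT", "Production", "carol", "REL-1"),
    AuditEvent(4, "ROLLBACK_REGISTERED", "Production", "carol", "REL-1"),
    AuditEvent(5, "DEPLOYMENT", "Development", "dave", "REL-2"),
]

if __name__ == "__main__":
    for scope in ({"Production"}, {"Production", "Development"}):
        status, findings = evaluate_control(SAMPLE_EVENTS, "separation_of_duties", scope)
        print(sorted(scope), status, findings)
    # Continuous evaluation: a new unapproved Production deployment flips the outcome
    updated = SAMPLE_EVENTS + [AuditEvent(6, "DEPLOYMENT", "Production", "erin", "REL-3")]
    print(evaluate_control(updated, "separation_of_duties", {"Production"}))
```

Running the demonstration shows the same log judged Compliant when the scope is Production only and Non-Compliant once Development is included, because the REL-2 deployment then lacks linked approval, review and rollback evidence. Re-running `evaluate_control` every time an event is appended is the continuous-evaluation behaviour described above.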


Summary

Controls introduce a structured, evidence-driven way to monitor governance processes across your Mendix landscape.

Each Control:

  • Defines a governance objective

  • Uses a Coverage Profile to define required evidence and rigor

  • Uses Environment Scope to define where it applies

  • Is continuously evaluated based on audit events

Together, these provide a configurable and transparent foundation for continuous security, quality, and compliance within AppControl.
