Viewing Tests
Navigate to Tests in the main sidebar to see all tests in your organization. The test list supports:- Filtering by status (passing, failing, pending, not run), type (automated, scheduled, manual, policy, document, custom), and severity (critical, high, medium, low, informational)
- Searching by test name or description
- Sorting by status, severity, last run date, or name
- Pagination for large test inventories
Creating Tests
You can create scheduled, manual, policy, document, and custom tests. Automated tests are created automatically when you connect integrations.Select the test type
Choose from Scheduled, Manual, Policy, Document, or Custom. Each type has different configuration options.
Enter test details
Provide a name, description, and severity level. The description should clearly explain what the test verifies and why it matters.
Configure type-specific settings
- Scheduled: Select the recurring frequency (hourly through annual).
- Manual: Define the evidence requirements and completion instructions.
- Policy: Select which policy type the test validates.
- Document: Specify the document type and expected validity period.
- Custom: Define the pass/fail criteria and completion method.
Link to controls
Map the test to one or more controls. This determines which framework requirements the test contributes to.
Assign an owner
Choose the team member responsible for ensuring this test passes. The owner receives notifications when the test requires attention.
When linking a test to a control, the test automatically applies to every framework that control belongs to. You do not need to create separate tests per framework.
Running Tests
Automated Test Runs
Automated tests run whenever their source integration syncs. You cannot run them independently, but you can trigger a manual sync on the integration to force a re-evaluation.Manual Test Execution
For any test type, you can trigger a run from the test detail page:- Open the test by clicking its name in the test list.
- Click Run Test to initiate execution.
- For manual and custom tests, you will be prompted to upload evidence or confirm completion.
- The test result updates after processing.
Bulk Actions
Select multiple tests using the checkboxes in the test list to perform bulk actions:- Run selected tests — Trigger execution for all selected tests
- Assign owner — Set or change the owner for multiple tests at once
Viewing Test Results
Click on any test to view its detail page, which includes:Current Status
The test’s current pass/fail status with a timestamp showing when it was last evaluated.Test Run History
A chronological list of every time the test was executed, including:| Field | Description |
|---|---|
| Run date | When the test was executed |
| Status | Pass or fail result for that run |
| Duration | How long the evaluation took |
| Details | Specific findings or issues discovered |
| Evidence | Any files or data collected during the run |
Linked Entities
A list of specific resources, users, or assets that the test evaluated. For example, an MFA enrollment test might list every user account and whether MFA was found.Linked Controls
The controls this test maps to, with links to view each control’s detail page and its framework associations.Test Evidence
Tests collect and store evidence in two ways: Automatic evidence: Automated tests capture evidence from integration data. This includes configuration snapshots, scan results, user lists, and other data points that prove compliance. Manual evidence: For manual and custom tests, you upload evidence files directly:- PDF documents, screenshots, spreadsheets, and text files are supported
- Each upload is timestamped and associated with the test run
- Evidence files are stored in the secure evidence vault and linked to relevant controls
Editing Tests
To modify a test’s configuration:- Open the test detail page.
- Click Edit to enter editing mode.
- Update the name, description, severity, schedule, control mappings, or owner as needed.
- Click Save to apply changes.
Deleting Tests
To delete a test:- Open the test detail page.
- Click Delete and confirm the action.
- The test and its run history are removed. Previously collected evidence remains in the evidence vault.
Best Practices
- Assign owners to every test. Unowned tests are the primary cause of compliance gaps before audits.
- Review failing tests weekly. Set up a recurring review cadence with your compliance team to address failures promptly.
- Use severity levels consistently. Critical and high tests should align with your organization’s actual risk appetite.
- Minimize manual tests. Every manual test is a recurring burden. Look for integrations that can automate the verification.
- Document custom test criteria clearly. If a custom test cannot be automated, ensure the pass/fail criteria are unambiguous so any team member can evaluate it.
Test Schedule Overview
The Schedule view shows all scheduled and recurring tests on a calendar or timeline, making it easy to see what is due this week, this month, or this quarter. Use this view to:- Identify upcoming deadlines for scheduled and manual tests
- Spot gaps in your testing cadence
- Ensure critical tests are not all clustered at the same time