Controls

Getting started with Controls

title: Getting started with Controls description: Learn what Controls are in Tidal Control and how to use the Controls page to manage your control measures sidebar_position: 1

Getting started with Controls

What are Controls in Tidal Control?

Controls in Tidal Control are control measures that your organization implements to manage risks and ensure compliance. These can include:

  • Policies and procedures - Information security policy, incident response plan
  • Organizational measures - Risk assessments, internal audits, management reviews
  • Personnel measures - Training, contracts, background checks
  • Technical measures - Firewalls, encryption, access controls
  • Physical security - Access cards, camera surveillance, lock and key management

By registering and monitoring controls in Tidal, you gain insight into your security status, compliance level, and which actions still need to be performed.

Tip

Controls can be linked to assets, risks, and plans. This creates a complete picture of which measures apply where and how effective they are.

Read more about this in Creating and managing Controls

Navigating the Controls page

Opening the Controls page

Go to the Controls section via the main menu. You'll arrive at an overview page showing all controls from your organization.

Controls overview

What you see in the overview

The controls overview shows three important status indicators at the top:

  • Assigned are Controls that are assigned to an owner
  • Implemented are controls that are implemented and actively monitored
  • Audited are controls that have been audited and have compliance status

Understanding the Controls table

The main overview shows per control:

  • Compliance Status - Gray/Green/red dots show the compliance status
  • Control name - Descriptive title of the security measure
  • Assets - Number of linked business assets (e.g. "2" means 2 assets)
  • Risks - Number of linked risks
  • Issues - Outstanding problems related to this control
  • Progress - Progress of tasks (e.g. "2/2" means 2 of 2 tasks completed)
  • Due Date - Deadline for outstanding tasks
  • Framework - Compliance standard (ISO27001, NIS 2, etc.)
  • Assignee - Assigned person/team

Understanding status indicators

Status colors

The status column indicates whether a control is compliant or not. This is calculated as follows:

Green dot - Control is compliant

  • All linked tests are OK (passed), and;
  • All tasks are completed or have a deadline in the future.

Red dot - Control is not compliant

  • One or more outstanding tasks are past the deadline (overdue)
  • One or more tests have a problem (failed, error)

Gray dot - Control has no status yet

  • No tasks or tests are linked to this control yet
Warning

Tasks without deadlines are counted as compliant (green). For accurate tracking, set deadlines on tasks.

Progress indicator

Numerical progress (e.g. "2/3"):

  • First number = number of completed tasks and successful tests (passed)
  • Second number = total number of linked tasks and tests
  • Percentage = (completed ÷ total) × 100

Color coding:

  • Green = 100% completed
  • Orange = Otherwise

Search and filtering

Search functionality

Using the search bar:

  1. Click in the search bar at the top of the overview
  2. Type control names or control references (e.g. "A.01" or "Information security")
  3. Press 'Enter' and your search results will be shown

Filter options

Use the filter dropdown menus to find specific controls:

Open vs Archived:

  • Open - Active controls that are monitored
  • Archived - Controls that are no longer applicable

Filter by Assignee:

  • Show controls assigned to specific people
  • Useful to see your own responsibilities

Filter by Frameworks:

  • ISO27001 - International security standard controls
  • CyFun Essential - Cyber fundamentals (NIS2)
  • Other frameworks - Depending on your organization setup

Filter by Plans:

  • Show controls linked to specific plans
  • For example annual review cycles

Filter by Function:

  • Procurement - controls for the procurement function
  • Human Resources - controls for the HR function
  • Other functions - controls for other functions in the organization

Filter by Phase:

  • Filters for each phase in your Plan-Do-Check-Act cycle

Filter by Process:

  • Filters for each business or IT process, e.g. 'Incident response'

The "More filters" option contains additional filtering possibilities:

Filter by Type:

  • Policies & Procedures - Policy and process measures
  • Process - Process measures
  • Technical - Technical control measures

Filter by Risks, Assets, or Issues:

  • Risks - Show controls linked to specific risks
  • Assets - Show controls linked to specific business assets
  • Issues - Show controls linked to specific problems
Tip

You can also create or remove filters yourself with attributes.

Read more about attributes in Creating and managing Controls

Combining multiple filters

You can use different filters simultaneously for very specific results:

  • Example: Filter on "ISO27001" + "Annually" + your name as assignee to see all your annual ISO controls
  • Reset filters: Click away individual filters or use "Clear filters"

Next steps

Now that you know how to find controls and interpret their status, you can:

  • Complete tasks linked to controls
  • Gather evidence for compliance audits
  • Assess controls as part of an internal audit
  • Add new controls for improved risk management
Note

No controls visible? This may mean that no control measures have been configured in your Tidal environment yet. Start by adding your first control via the "Add control" button, or ask your administrator to import framework templates.

Next
Implementing and testing controls