---

title: Getting started with Issues description: Learn what Issues are in Tidal Control and how to use the Issues page to manage non-conformities and improvement points sidebar_position: 1

Getting started with Issues

What are Issues in Tidal Control?

Issues in Tidal Control are non-conformities, findings and improvement points that can impact your Information Security Management System (ISMS). The system helps you systematically register, assign and resolve these by:

• Recording non-conformities - Document non-conformities and compliance problems
• Registering incidents - Track security incidents and breaches
• Planning improvement actions - Manage opportunities and action plans
• Monitoring progress - Track status and deadlines of solutions
• Facilitating collaboration - Team communication and evidence collection

By registering and monitoring issues in Tidal, you gain insight into compliance status, outstanding problems and the effectiveness of your improvement actions.

Navigating the Issues page

Opening the Issues page

Go to the Issues section via the main menu. You'll arrive at an overview page where all non-conformities from your organization are displayed.

What you see in the overview

The issues overview shows important information per non-conformity:

• Status - Orange dot for Open issues, green for Closed
• Period - Time period in which issue is registered (e.g. "Year 2025")
• Name - Descriptive title of the non-conformity
• Due Date - Deadline for solution (if set)
• Priority - Urgency level (High, Medium, Low)
• Issue Type - Category of the non-conformity (7 different types)
• Assets - Number of linked business assets
• Controls - Number of linked controls
• Assignee - Assigned person for solution

Understanding status

Open issues (orange dot):

• Unresolved non-conformities
• Actively being worked on or not yet picked up
• Visible in daily work lists
• Counted in compliance calculations

Closed issues (gray):

• Resolved and approved non-conformities
• Visible via "Closed" tab for historical overview
• No longer active in workflows
• Available for audit and reporting

Understanding issue types

Tidal distinguishes 7 different categories of non-conformities:

1. Generic - Default Type

When to use: General problems and administrative matters Example: "Employee screening procedure must be implemented" Characteristics: Broad organizational improvement points

2. Audit finding

When to use: Problems identified during internal or external audits Example: "External auditor identifies missing document for required policy X" Characteristics: Formal findings that threaten compliance

3. Control gap

When to use: Missing or insufficient controls Example: "Access control system doesn't fully restrict admin rights" Characteristics: Identified during GAP analysis, requires new controls

4. Incident

When to use: Security incidents and actual breaches Example: "Phishing attack compromises employee account" Characteristics: Reactive handling of actual events

5. Action plan

When to use: Structured improvement projects and implementations Example: "Employee training program rollout in Q2 for security awareness" Characteristics: Proactive planning of future activities

6. Control deficiency

When to use: Existing controls that don't function effectively Example: "Encryption process has errors leaving data unencrypted" Characteristics: Implemented measures that fail in practice

7. Opportunity for improvement

When to use: Functional processes that can be optimized Example: "Improve onboarding documentation for faster security training" Characteristics: Preventive optimization for better efficiency

Interpreting priorities

Priority levels

High - Red:

• Critical security risks
• Compliance threats
• Immediate action required
• Daily monitoring needed

Medium - Orange:

• Important improvement points
• Planned implementation within weeks
• Regular follow-up sufficient
• Standard priority for most issues

Low - Green:

• Nice-to-have improvements
• Long-term planning
• Implementation when time available
• Low impact on compliance

Priority assignment tips

Assign High priority for:

• Audit findings that threaten certification
• Security incidents with ongoing risk
• Compliance deadlines within 30 days
• Issues that disrupt business operations

Medium priority for:

• Planned improvement projects
• Control gaps without direct threat
• Action plans with quarterly deadlines
• Opportunities with measurable benefit

Searching and filtering

Search functionality

Using the search bar:

1. Click in the search bar at the top of the overview
2. Type issue names or keywords (e.g. "phishing", "backup", "training")
3. Press 'Enter' and your search results are displayed

Filter options

Use the filter dropdown menus to find specific issues:

Open vs Closed:

• Open (6) - Active issues requiring attention
• Closed (0) - Handled issues for historical overview

Filter by Controls:

• Show issues linked to specific controls
• Useful for impact analysis of control problems

Filter by Assets:

• Show issues related to specific business assets
• Useful for asset-based problem analysis

Filter by Assignee:

• Show issues assigned to specific people
• Perfect for personal work lists

Filter by Priority:

• High - Critical issues requiring immediate attention
• Medium - Standard priority issues
• Low - Low priority improvement points

Filter by Issue Type:

• Select specific categories (Generic, Audit finding, etc.)
• Combine with other filters for targeted views

Combining multiple filters

You can use different filters simultaneously for very specific results:

• Example: Filter on "Audit finding" + "High" priority + "Open" status to see critical audit findings
• Reset filters: Click away individual filters or refresh the page

Next steps

Now that you know how to find and interpret issues, you can:

• Register new non-conformities you encounter
• Assign issues to the right team members
• Collaborate on solutions via comments
• Monitor progress of outstanding problems