Tests

Getting started with Tests


title: Getting started with Tests description: Introduction and navigation of automated compliance tests in Tidal Control sidebar_position: 1

Getting started with Tests

What are Tests in Tidal Control?

Tests in Tidal Control are automated quality controls that measure the effectiveness of your technical controls and work in Tidal against requirements from compliance standards relevant to you.

Core functionalities:

  • Real-time quality measurements - Direct feedback on effectiveness of technical controls and activities performed in Tidal
  • Integration with external systems - Retrieve data from other tools for complete compliance picture
  • Objective compliance scores - Measurable results for audit and management reporting
  • Proactive problem identification - Identify issues before they have impact

Tests vs manual tasks

Tests are ideal for:

  • Real-time monitoring of compliance requirements
  • Objective measurements of ISMS quality
  • Automated detection of deviations

Manual tasks are still needed for:

  • Executing and documenting compliance activities performed outside Tidal (e.g. Management review)
  • Documenting evidence for systems Tidal cannot yet integrate with
  • Organization-specific requirements that deviate from standard test logic

Navigating the Tests overview page

The Tests page shows an overview of all available compliance tests with their current status and results.

Tests overview

What you see in the overview:

  • Dashboard statistics - Passed, Failed and Error percentages
  • Tests table - All available tests with status information
  • Search functionality - Quickly find specific tests
  • Filter options - In scope, Out of scope, Integrations, Controls, Status
  • Bulk actions - Manage multiple tests simultaneously

Understanding dashboard statistics

Compliance score indicators:

  • Passed (35%) - Number of tests that executed successfully and comply with requirements
  • Failed (31%) - Number of tests that failed and require attention
  • Error (0%) - Number of tests with technical problems during execution

Count information:

  • 17 Passed tests of 48 total - Number of tests currently passing
  • 15 Failed tests of 48 total - Number of tests currently requiring action
  • 0 Error tests of 48 total - Number of tests with technical problems detected
Info

The statistics only count 'In Scope' tests. 'Out of scope' tests are excluded.

Tests table interface

Column information:

  • Name - Description of what the test checks
  • Controls - Number of linked controls (e.g. 🔗 1)
  • Integration - Which system the test runs on (Tidal Control or external tool)
  • Last executed - When test was last run
  • Last results - 5 most recent test results

Example test information:

All assets should be assessed | 🔗 1 | Tidal Control | 5 days ago | F P P P P

This shows an asset assessment test linked to 1 control, executed within the Tidal Control environment (Assets page), last run 5 days ago, with recent failed test (F) but earlier successes (P).

Recognizing test statuses

Status indicators in results

Passed (P) - Green indicator:

  • Test executed successfully and requirement is complied with
  • Compliance is achieved for this specific control
  • No action required at this time
  • Contributes positively to overall compliance score

Failed (F) - Red indicator:

  • Test failed and requirement is not complied with
  • Compliance problem detected requiring attention
  • Action needed to make test pass
  • Negative impact on compliance score

Error (E) - Orange/yellow indicator:

  • Technical error during test execution
  • Test could not be completed due to system problem
  • No compliance conclusion possible
  • Integration or configuration problem to resolve

Not executed yet:

  • Test not yet executed since configuration
  • Waiting for first run or manual refresh
  • No result available for analysis

Test results timeline

Multiple results per test:

P F F E E - Last 5 runs

Interpretation: Of the last 5 times this test ran:

  • The first 2 runs resulted in errors
  • Run 3 and 4 ran, but showed non-compliant results
  • The 5th and latest run showed all results are now compliant

Understanding Types of Tests

Tidal Control uses two main types of tests for complete compliance monitoring.

Tidal Tests

Tidal tests run within the Tidal platform and check the quality of your Tidal configuration against standard requirements.

Policy Tests (largest group) examples:

  • "Establish the policy for acceptable use of information" - Checks existence and currency of this policy
  • "Establish the access control policy" - Checks existence and currency of this policy

Risk Tests examples:

  • "All risks should have risk owners assigned" - Verifies ownership assignment
  • "All risks should be assessed" - Checks if all risks are (properly) assessed

Control Tests examples:

  • "All controls should have control owners assigned" - Verifies ownership assignment
  • "All controls should be assessed 'Effective'" - Checks if all controls are assessed as Effective
  • "All controls need to have at least one linked risk" - Checks that all controls are linked to a risk
  • "All controls need to have at least one linked risk with treatment 'reduce'" - Checks that all controls are linked to a risk that aims to mitigate this risk through control implementation

Asset Tests examples:

  • "All assets should have asset owners assigned" - Verifies ownership assignment
  • "All assets should be assessed" - Checks if all assets have been recently assessed etc.
Info

New Tidal tests are regularly added. Send suggestions via email to support@tidalcontrol.com

Integrations

Integrations retrieve real-time data from other systems to verify compliance based on actual configurations.

Cloud Provider Integration examples:

  • Data encryption settings - Checks encryption configuration in Cloud environments (AWS, Azure, GCP)
  • User access controls - Verifies access rights and multi-factor authentication
  • Mobile device configuration - Checks security configuration on laptops and other mobile equipment

Other external integrations:

  • Software development platforms secure configuration and code analysis to production (Github, Gitlab, etc.)
  • ITSM Tools timely resolution of (security/compliance) tickets (Jira, etc.)

Benefits of external tests:

  • Real-time data - Current status of system configurations
  • Objective measurements - No manual interpretation needed
  • Automatic updates - Tests reflect current system state
  • Comprehensive coverage - Technical and procedural controls combined
Info

Integration tests can only deliver results after the relevant Integration has been connected to Tidal.

Read more about this in Getting started with Integrations.

In scope vs Out of scope concept

Understanding scope filtering

In scope tests:

  • Linked to at least one control in your ISMS
  • Results count in control effectiveness calculation
  • Priority for monitoring and remediation

Out of scope tests:

  • Not linked to controls in current ISMS configuration
  • Informative but no impact on compliance scores
  • Optional monitoring but can provide valuable insights

In scope vs Out of scope filtering

Tip

You can only link and unlink Tests via the controls page.

Read more about this in Editing and managing controls.

Searching and filtering tests

Using search functionality

  1. Click in search bar "Press 'Enter' to search" at top of Tests page
  2. Type test name or part of description
  3. Results filter automatically while typing
  4. Clear search (X) to show all tests

Using filter options

In scope / Out of scope:

  • Switch between tabs to find relevant tests
  • Focus on priority tests that have compliance impact
  • Explore available tests for scope expansion

Integrations filter:

  • Tidal Control - Filter on internal tests
  • Microsoft - Show only Microsoft integration tests
  • Other integrations - Specific external tool tests

Controls filter:

  • Focus on specific control(s)
  • Tests can be linked to multiple controls

Status filter:

  • Passed - Show only successful tests
  • Failed - Focus on tests requiring attention
  • Error - Identify technical problems
  • Executed - Find all tests that have one of the above statuses
  • Not executed - Find tests that need refresh

Next steps

Now that you know the Tests interface:

  • Explore In scope tests to understand current compliance status
  • Configure external integrations for complete compliance monitoring
  • Analyze Failed tests to identify priorities for improvement
  • Develop monitoring routine for proactive compliance management