1. SureCloud Platform
  2. Getting started
  3. Using your Applications

Continuous Control Monitoring

The Continuous Controls Monitoring (CCM) feature offers a smarter, streamlined way to track and validate your organisation’s compliance posture. By combining automated and document-based tests, CCM helps reduce manual effort, prevent duplicated work, and provide greater confidence in your control environment - all from a centralised, easy-to-navigate space.

 

What CCM Includes

CCM combines two core test types:

1. Automated Tests

These tests automatically connect to platforms like AWS and Microsoft Entra ID using secure API calls. They run checks against your environment and return a simple Pass/Fail status based on the test logic.

  • Example: A test might check whether multi-factor authentication is enabled in Entra ID.

  • Great for: Repeated, standardised checks across your cloud environment.

2. Document-Based Tests

These tests evaluate uploaded evidence and policy documents against defined control test requirements.

  • Linked to files in your Evidence Library or Policy applications, for example.

  • The test checks whether the attached documents using the FileSync feature meet specific standards or expectations.

  • Great for: Policies, procedural documents, or evidence that can't be verified via an automated connection.

 

Test View: What You’ll See

Each control test is visible within the CCM page, each of the tests can be opened in a right hand panel, with the following tabs:

Overview Tab

This is your quick-glance summary:

  • Test Objective - View a description of what the test does and what the pass condition is.

  • Assigned Owner - Allocate a person responsible for the test.

  • Frameworks - See which compliance framework the test relates to (e.g., ISO 27001, NIST).

  • Domain - Understand the control’s domain (e.g., Cloud Security, Access Control).

Connections Tab

This tab allows you to link the test to other areas of your compliance program, for example:

  • Controls

  • Policies

  • Risks

  • Evidence Library

  • Other relevant areas

This ensures each test supports broader compliance objectives, and keeps everything aligned in one place.

Issues Tab (Permission Restricted)

Only accessible by users with the correct permissions, this tab displays any control test failures. This might include:

  • Detailed error messages

  • Information about what triggered the fail, including the name, type and region of failure

  • Assistance on how the issue can be resolved

🔒 Hidden from general users due to the potential for sensitive data.

 

 

Was this article helpful?
0 out of 0 found this helpful

Articles in this section

See more