The design and operating effectiveness of internal controls are continuously evaluated against the established controls framework by GitLab. Corrective actions related to identified deficiencies are tracked to resolution.
GitLab's controls aim to protect the confidentiality, integrity, and availability of customer, GitLab team-member, and partner data and the service provided to them. To ensure the controls remain current and relevant, and they're both being used in the way they were intended and have the expected impact, they should be regularly evaluated and improved when necessary.
This control applies to all GitLab internal controls.
GitLab Compliance Team
For detailed implementation guidance relevant to GitLab team-members, refer to the full guidance documentation.
For all reference links relevant to this control, refer to the full guidance documentation.
For examples of evidence an auditor might request, refer to the full guidance documentation.