GitLab performs ongoing performance management through regularly recurring 1:1 meetings between managers and their direct reports. Performance and compensation reviews are performed annually.
The purpose of this control is to ensure managers and their direct reports are in ongoing, open conversation with one another to stay current with projects, tasks, roadblocks, and so on. This benefits both parties - particularly with GitLab being all-remote and asynchronous - by facilitating regular feedback, timely issue escalation, decision making, and work prioritization.
This control applies to GitLab management and leadership.
A process to evaluate the performance of team-members.
Non-public information relating to this security control as well as links to the work associated with various phases of project work can be found in the Performance Management control issue.
Examples of evidence an auditor might request to satisfy this control: