Take Control of Your SDLC Compliance Process 

The audit and compliance dashboard is designed to help you address some the most pressing questions when it comes to auditing your SDLC process, such as:

‍

• Are all pull requests (PRs) verified with a green build before merging?
• Are all PRs reviewed and approved prior to merging?
• Which PRs fail to comply, and are exceptions documented?
• What is the compliance status of each project in your SDLC process?

Leverage and Adapt Software Audit Metrics

‍

• Green Build Ratio

The green build ratio metric provides the percentage of green build PRs among all merged PRs in the last 12 months. Industry standards such as SOC 2 recommend merging PRs after the test suite has run successfully, to maintain quality.

• PR Compliance Feed

The PR compliance feed report lists recently merged PRs alongside their approval and build status. Industry standards such as SOC 2 encourage green build and peer review for PRs prior to merging in order to preserve quality and reduce functional and security bugs in production.

• Project Compliance Score

The project compliance score is a report that provides the ratio of compliant PRs among all merged PRs for each project. To reach a 100% compliance score, the project should have all PRs merged with green build and all required approvals.  

• Pull Request Review Ratio

A PR review ratio indicates the percentage of PRs that were reviewed in a given period among all merged PRs. With this audit insight, PRs can be ensured that they meet their minimum review requirements. To ensure quality delivery and eliminate functional and security bugs from production code, industry standards such as SOC 2 recommend peer reviews of PRs.