Define the Scope of Your Compliance Audit
Set controls out of scope to exclude them from your compliance score and from generated reports.
If a control in a framework isn't part of your audit, set it out of scope. Mondoo excludes out-of-scope controls from your compliance score and hides them from generated reports.
Every control is in scope by default. Scope changes apply per space; setting a control out of scope in one space doesn't affect other spaces.
Setting a control out of scope hides it from your reports entirely. If you want to exclude a control from your score but still show it to your auditor with a justification, set an exception instead.
Set a control out of scope
-
From a space, select Compliance in the side navigation, then select the framework. Scroll to the list of controls.
-
Check the box beside the control. A bar appears at the bottom of the page.

-
In that bar, select SET OUT OF SCOPE.
The control is immediately removed from the compliance score and from new reports generated for this space. Out-of-scope controls show an OUT_OF_SCOPE badge in the controls list.

To set a single control out of scope from its detail page, open the control and select TAKE ACTION > Set Out of Scope.
Restore a control to scope
Setting a control out of scope is reversible and applies per space.
-
Open the framework and scroll to the controls list.
-
Check the box beside the out-of-scope control.

-
In the bar at the bottom of the page, select SET OUT OF SCOPE to open the control's scope setting, then return the control to scope. The control rejoins the score and reports for this space.
The bulk action bar uses the same SET OUT OF SCOPE control to manage scope in both directions; there is no separate "set in scope" button in the current app.