Define the Scope of Your Compliance Audit
Set controls out of scope to exclude them from your compliance score and reports
If a control in a framework is not part of your compliance audit, you can set it out of scope. Mondoo excludes out-of-scope controls when calculating your compliance score and when generating compliance reports.
All controls are in scope by default. Scope changes apply per space — setting a control out of scope in one space does not affect other spaces.
Setting a control out of scope hides it entirely from your compliance reports. To exclude a control from your score but still show it in reports with a justification, set an exception instead.
Set a control out of scope
Note: Only team members with Editor or Owner access can perform this task.
-
In the Mondoo Console, navigate to the space you want to customize.
-
In the side navigation bar, select Compliance.
-
Select the framework you want to customize and scroll down to the list of controls.
-
Check the box beside the control you want to set out of scope.
-
Select the SET OUT OF SCOPE button.
Mondoo removes the control from your compliance score and reports for this space.
Restore a control to scope
Note: Only team members with Editor or Owner access can perform this task.
-
In the Mondoo Console, navigate to the space you want to customize.
-
In the side navigation bar, select Compliance.
-
Select the framework you want to customize and scroll down to the list of controls.
-
Check the box beside the out-of-scope control you want to restore.
-
Select the SET IN SCOPE button. Mondoo restores the control to your compliance score and reports for this space.