The governance lifecycle defines how governed bundles progress from creation to production readiness. Each bundle moves through predefined approval stages where evidence is collected, reviewed, and approved. Stages may include policy checks, risk assessments, and ethical evaluations. Approvers review submissions, document findings, and determine whether the bundle can proceed.

This lifecycle enforces consistency and accountability. It ensures that decisions are based on documented criteria and that risks are identified and resolved before release. Findings and approval transitions are recorded to support audit requirements and enable continuous improvement.
Use gates in a policy to control whether governed actions, such as app deployment or endpoint creation, are allowed. Gate outcomes are enforced in real time and logged with findings and approval transitions for audit and improvement.
Sequential workflows define a structured, ordered progression through a bundle’s lifecycle. Each stage must be completed in sequence, enforcing required checks and approvals and improving the integrity of quality control governance. This behavior is optional and can be enabled in the Policy Builder.
-
Create governed bundles - get steps on creating and using our governed bundles.
-
Send governed bundles for review - submit your bundles for review and get them published.
-
Use Findings to track and manage issues throughout the governance lifecycle of a bundle.