Swif’s Compliance Repository now lets you create, tailor, and version your own controls instead of relying only on the system-supplied SW-1 … SW-11 checklist.
Use this when you need a control that:
Combines multiple OSs in one rule (e.g., “macOS 14.5 or Windows 11”)
References a setting inside any Swif policy (e.g., FileVault2 must be enabled)
Demands a specific piece of software, a minimum device spec, or both
Where to start
Settings › Compliance
Click Create Compliance Control (green button above the General Compliance Requirements list).
Wizard overview
Step | What you do | Key options |
1 Basic Information | Name & (optional) description | — |
2 Control Config | Add one Spec card per condition you want to check | Specification type: - Application – require or forbid a specific app |
3 Requirements (optional) | For Policy specs, refine the exact Requirement inside that policy, and the value that is considered “compliant.” | Example: |
You can mix as many spec cards as you need—the control passes only when all cards match the device.
Click Create Control to save.
What happens next
The new control appears in the Compliance Repository list (labelled Custom).
Toggle Add to Device Compliance Criteria if you want it counted in every device’s “Compliant / Incomplete” score.Each requirement’s Current Setting column shows the real-time value reported from the device fleet.
Need to revert? Click Reset Default Settings to hide all customizations and restore the out-of-box SW-n list.
Examples you can build
Goal | Spec cards to add |
Block guest accounts anywhere | Policy → Password Policy → Require Passcode on Device → True  |
Ensure laptops are on at least macOS 15.1 or Windows 11 | Operating System (macOS 15.1) + Operating System (Windows 11)  |
Require FileVault and BitLocker | Policy → FileVault2 → Enabled ; Policy → BitLocker Auto Policy → On |
Flag devices missing Microsoft Excel | Application → “Microsoft Excel” on both macOS & Windows  |
Tips & FAQs
Does a custom control affect existing benchmarks (SOC 2, ISO 27001, …)?
Not automatically. Custom controls are internal checks; map them to frameworks in your audit narrative if required.Excluding devices – use the Exclusion Rule dropdown under the repository list (e.g., “Include only production devices”).
Versioning – each edit increments the control’s version; history is visible in the API and audit exports.
Custom controls let you express your security policy in Swif’s language—try them to close gaps the default SW-rules don’t cover.