Revise line widths for Compliance features doc

Revise line widths for Compliance features doc

Revise line widths for Compliance features doc
9e853110 · Craig Norris · Evan Read · 59a43d0b · 9e853110
Commit 9e853110 authored Jan 20, 2022 by Craig Norris Committed by Evan Read Jan 20, 2022
Show whitespace changes
Inline Side-by-side

Showing with 79 additions and 54 deletions

doc/administration/compliance.md doc/administration/compliance.md +79 -54

No files found.
--- a/doc/administration/compliance.md
+++ b/doc/administration/compliance.md
@@ -6,37 +6,49 @@ info: To determine the technical writer assigned to the Stage/Group associated w
 # Compliance features **(FREE)**
-These GitLab features can help ensure that your GitLab instance meets common compliance standards. For more information
+These GitLab features can help ensure that your GitLab instance meets common
-about compliance management, see the compliance management [solutions page](https://about.gitlab.com/solutions/compliance/).
+compliance standards. For more information about compliance management, see the
+compliance management [solutions page](https://about.gitlab.com/solutions/compliance/).
-The [security features](../security/index.md) in GitLab may also help you meet relevant compliance standards.
+The [security features](../security/index.md) in GitLab may also help you meet
+relevant compliance standards.
 ## Policy management
-Organizations have unique policy requirements, either due to organizational standards or mandates from regulatory bodies.
+Organizations have unique policy requirements, either due to organizational
-The following features help you define rules and policies to adhere to workflow requirements, separation of duties, and
+standards or mandates from regulatory bodies. The following features help you 
-secure supply chain best practices:
+define rules and policies to adhere to workflow requirements, separation of duties,
+and secure supply chain best practices:
- [**Credentials inventory**](../user/admin_area/credentials_inventory.md) (for instances): With a credentials inventory,
+- [**Credentials inventory**](../user/admin_area/credentials_inventory.md) (for
-  GitLab administrators can keep track of the credentials used by all of the users in their GitLab instance.
+  instances): With a credentials inventory, GitLab administrators can keep track
- [**Granular user roles and flexible permissions**](../user/permissions.md) (for instances, groups, and projects): Manage
+  of the credentials used by all of the users in their GitLab instance.
-  access and permissions with five different user roles and settings for external users. Set permissions according to people's
+- [**Granular user roles and flexible permissions**](../user/permissions.md)
-  role, rather than either read or write access to a repository. Don't share the source code with people that only need
+  (for instances, groups, and projects): Manage access and permissions with five
-  access to the issue tracker.
+  different user roles and settings for external users. Set permissions according
- [**Merge request approvals**](../user/project/merge_requests/approvals/index.md) (for instances, groups, and projects):
+  to people's role, rather than either read or write access to a repository. Don't
-  Configure approvals required for merge requests.
+  share the source code with people that only need access to the issue tracker.
- [**Push rules**](../push_rules/push_rules.md) (for instances, groups, and projects): Control pushes to your
+- [**Merge request approvals**](../user/project/merge_requests/approvals/index.md)
-  repositories.
+  (for instances, groups, and projects): Configure approvals required for
+  merge requests.
+- [**Push rules**](../push_rules/push_rules.md) (for instances, groups, and
+  projects): Control pushes to your repositories.
 - Separation of duties using [**protected branches**](../user/project/protected_branches.md#require-code-owner-approval-on-a-protected-branch)
-  and [**custom CI/CD configuration paths**](../ci/pipelines/settings.md#specify-a-custom-cicd-configuration-file) (for projects):
+  and [**custom CI/CD configuration paths**](../ci/pipelines/settings.md#specify-a-custom-cicd-configuration-file) (for projects): Users can leverage the GitLab cross-project YAML configurations
-  Users can leverage the GitLab cross-project YAML configurations to define deployers of code and developers of code.
+  to define deployers of code and developers of code. See how to use this setup
-  See how to use this setup to define these roles in:
+  to define these roles in:
  - The [Separation of Duties deploy project](https://gitlab.com/guided-explorations/separation-of-duties-deploy/blob/master/README.md).
  - The [Separation of Duties project](https://gitlab.com/guided-explorations/separation-of-duties/blob/master/README.md).
 ## Compliant workflow automation
-It is important for compliance teams to be confident that their controls and requirements are set up correctly, but also that they _stay_ set up correctly. One way of doing this is manually checking settings periodically, but this is error prone and time consuming. A better approach is to use single-source-of-truth settings and automation to ensure that whatever a compliance team has configured, stays configured and working correctly. These features can help you automate compliance:
+It is important for compliance teams to be confident that their controls and
+requirements are set up correctly, but also that they _stay_ set up correctly.
+One way of doing this is manually checking settings periodically, but this is
+error prone and time consuming. A better approach is to use single-source-of-truth
+settings and automation to ensure that whatever a compliance team has configured,
+stays configured and working correctly. These features can help you automate
+compliance:
 - [**Compliance frameworks**](../user/project/settings/index.md#compliance-frameworks) (for groups): Create a custom
  compliance framework at the group level to describe the type of compliance requirements any child project needs to follow.
@@ -45,46 +57,59 @@ It is important for compliance teams to be confident that their controls and req
 ## Audit management
-An important part of any compliance program is being able to go back and understand what happened, when
+An important part of any compliance program is being able to go back and understand
-it happened, and who was responsible. This is useful in audit situations as well as for understanding
+what happened, when it happened, and who was responsible. This is useful in audit
-the root cause of issues when they occur. It is useful to have both low-level, raw lists of audit data
+situations as well as for understanding the root cause of issues when they occur.
-as well as high-level, summary lists of audit data. Between these two, compliance teams can quickly
+It is useful to have both low-level, raw lists of audit data as well as high-level,
-identify if problems exist and then drill down into the specifics of those issues. These features can help provide visibility into GitLab and audit what is happening:
+summary lists of audit data. Between these two, compliance teams can quickly
+identify if problems exist and then drill down into the specifics of those issues.
+These features can help provide visibility into GitLab and audit what is happening:
- [**Audit events**](audit_events.md) (for instances, groups, and projects): To maintain the integrity of your code,
+- [**Audit events**](audit_events.md) (for instances, groups, and projects): To
-  audit events give administrators the ability to view any modifications made within the GitLab
+  maintain the integrity of your code, audit events give administrators the
-  server in an advanced audit events system, so you can control, analyze, and track every change.
+  ability to view any modifications made within the GitLab server in an advanced
- [**Audit reports**](audit_reports.md) (for instances, groups, and projects): Create and access reports based on the
+  audit events system, so you can control, analyze, and track every change.
-  audit events that have occurred. Use pre-built GitLab reports or the API to build your own.
+- [**Audit reports**](audit_reports.md) (for instances, groups, and projects):
- [**Auditor users**](auditor_users.md) (for instances): Auditor users are users who are given read-only access to all
+  Create and access reports based on the audit events that have occurred. Use
-  projects, groups, and other resources on the GitLab instance.
+  pre-built GitLab reports or the API to build your own.
- [**Compliance report**](../user/compliance/compliance_report/index.md) (for groups): Quickly get visibility into the
+- [**Auditor users**](auditor_users.md) (for instances): Auditor users are users
-  compliance posture of your organization.
+  who are given read-only access to all projects, groups, and other resources on
+  the GitLab instance.
+- [**Compliance report**](../user/compliance/compliance_report/index.md) (for
+  groups): Quickly get visibility into the compliance posture of your organization.
 ## Other compliance features
 These features can also help with compliance requirements:
- [**Email all users of a project, group, or entire server**](../tools/email.md) (for instances): An administrator can
+- [**Email all users of a project, group, or entire server**](../tools/email.md)
-  email groups of users based on project or group membership, or email everyone using the GitLab instance. These emails
+  (for instances): An administrator can email groups of users based on project
+  or group membership, or email everyone using the GitLab instance. These emails
  are great for scheduled maintenance or upgrades.
- [**Enforce ToS acceptance**](../user/admin_area/settings/terms.md) (for instances): Enforce your users accepting new
+- [**Enforce ToS acceptance**](../user/admin_area/settings/terms.md) (for
-  terms of service by blocking GitLab traffic.
+  instances): Enforce your users accepting new terms of service by blocking GitLab
- [**External Status Checks**](../user/project/merge_requests/status_checks.md) (for projects): Interface with third-party
+  traffic.
-  systems you already use during development to ensure you remain compliant.
+- [**External Status Checks**](../user/project/merge_requests/status_checks.md)
- [**Generate reports on permission levels of users**](../user/admin_area/index.md#user-permission-export) (for
+  (for projects): Interface with third-party systems you already use during
-  instances): Administrators can generate a report listing all users' access permissions for groups and projects in the
+  development to ensure you remain compliant.
-  instance.
+- [**Generate reports on permission levels of users**](../user/admin_area/index.md#user-permission-export)
- [**License compliance**](../user/compliance/license_compliance/index.md) (for projects): Search dependencies for their
+  (for instances): Administrators can generate a report listing all users' access
-  licenses. This lets you determine if the licenses of your project's dependencies are compatible with your project's license.
+  permissions for groups and projects in the instance.
- [**Lock project membership to group**](../user/group/index.md#prevent-members-from-being-added-to-projects-in-a-group) (for
+- [**License compliance**](../user/compliance/license_compliance/index.md) (for
-  groups): Group owners can prevent new members from being added to projects within a group.
+  projects): Search dependencies for their licenses. This lets you determine if
- [**LDAP group sync**](auth/ldap/ldap_synchronization.md#group-sync) (for instances): Gives administrators the ability
+  the licenses of your project's dependencies are compatible with your project's
-  to automatically sync groups and manage SSH keys, permissions, and authentication, so you can focus on building your
+  license.
-  product, not configuring your tools.
+- [**Lock project membership to group**](../user/group/index.md#prevent-members-from-being-added-to-projects-in-a-group)
- [**LDAP group sync filters**](auth/ldap/ldap_synchronization.md#group-sync) (for instances): Gives more flexibility to
+  (for groups): Group owners can prevent new members from being added to projects
-  synchronize with LDAP based on filters, meaning you can leverage LDAP attributes to map GitLab permissions.
+  within a group.
+- [**LDAP group sync**](auth/ldap/ldap_synchronization.md#group-sync) (for
+  instances): Gives administrators the ability to automatically sync groups and
+  manage SSH keys, permissions, and authentication, so you can focus on building
+  your product, not configuring your tools.
+- [**LDAP group sync filters**](auth/ldap/ldap_synchronization.md#group-sync)
+  (for instances): Gives more flexibility to synchronize with LDAP based on
+  filters, meaning you can leverage LDAP attributes to map GitLab permissions.
 - [**Omnibus GitLab package supports log forwarding**](https://docs.gitlab.com/omnibus/settings/logs.html#udp-log-forwarding)
  (for instances): Forward your logs to a central system.
- [**Restrict SSH Keys**](../security/ssh_keys_restrictions.md) (for instances): Control the technology and key length
+- [**Restrict SSH Keys**](../security/ssh_keys_restrictions.md) (for instances):
-  of SSH keys used to access GitLab.
+  Control the technology and key length of SSH keys used to access GitLab.