Here’s how to ensure code reviews are properly enforced on all pull requests
🔍 Why This Happens
The monitor Source Control | Code Review and Approval Performed for Production Pull Requests checks whether pull requests (PRs) were actually approved by a reviewer before being merged.
Simply assigning reviewers is not enough—the monitor only recognizes PRs as compliant if:
-
A reviewer was assigned and
-
The reviewer formally approved the PR (indicated by a ✅ green checkmark)
✅ What You Need to Do
-
Go to one of your recent merged pull requests
-
Check the Reviewers section
-
Confirm that at least one reviewer has an Approved status with a ✅ green checkmark
-
If there is no approval, update your process to ensure reviewers approve before merging.
📌 Note: Once a Pull Request has been merged a review can no longer be performed. It will therefore remain as non-compliant in the monitor. These pull-requests cannot be filtered out as it is mandatory that they are presented as evidence during the audit.
Should the auditor select to review one of these non-compliant pull-requests a reason will have to be given as to why no proper code-review was performed.