Common Questions
Frequently Asked Questions
Everything you need to know about security, implementation, compliance features, and data privacy with Contextra Labs Governance.
🛡️
Security Audit Readiness
Are you an IT Security professional reviewing this extension? Contextra Labs Governance operates entirely client-side within the Azure DevOps web context. No data is sent to external servers, and all storage utilizes the native Azure DevOps Git backend.
All documentation remains exclusively within your Azure DevOps environment.
Contextra Governance is a client-side extension. It adds governance metadata (like status, reviewers, and SLA) to your existing Wiki pages via Git commits to the underlying Azure DevOps Wiki repository. There is no external backend database or cloud storage holding your Wiki text. Your data never leaves your environment.
Contextra Governance is a client-side extension. It adds governance metadata (like status, reviewers, and SLA) to your existing Wiki pages via Git commits to the underlying Azure DevOps Wiki repository. There is no external backend database or cloud storage holding your Wiki text. Your data never leaves your environment.
No. Contextra Governance is explicitly opt-in per page.
When you install the extension, your existing Wiki remains exactly as it is. You choose which specific pages require governance (e.g., Security Policies, Architecture Specs) and click "Enable Governance" on those pages. Ungoverned pages continue to work normally, allowing your engineering teams to keep their fluid, ungoverned workflows while compliance teams secure necessary documents.
When you install the extension, your existing Wiki remains exactly as it is. You choose which specific pages require governance (e.g., Security Policies, Architecture Specs) and click "Enable Governance" on those pages. Ungoverned pages continue to work normally, allowing your engineering teams to keep their fluid, ungoverned workflows while compliance teams secure necessary documents.
Every governance action (submitting for review, approving, rejecting, publishing) is recorded in an append-only audit log directly tied to the page's Git history.
For SOC 2 or ISO 27001 evidence collection, you can demonstrate exactly who approved a document, when the approval happened, and a cryptographically secure hash of the exact content they approved at that moment in time. The history is immutable.
For SOC 2 or ISO 27001 evidence collection, you can demonstrate exactly who approved a document, when the approval happened, and a cryptographically secure hash of the exact content they approved at that moment in time. The history is immutable.
No. Contextra Governance leverages your native Azure DevOps Identity and Security Groups.
If someone has edit access to your Wiki, they can draft content. When assigning reviewers to a page, you select from your existing Azure DevOps users and groups (e.g., "InfoSec Approvers" or "Lead Architects"). There is no separate user management or RBAC system to maintain.
If someone has edit access to your Wiki, they can draft content. When assigning reviewers to a page, you select from your existing Azure DevOps users and groups (e.g., "InfoSec Approvers" or "Lead Architects"). There is no separate user management or RBAC system to maintain.
Yes! A key feature of Contextra Governance is a natively embedded Draw.io editor.
You can create, edit, and view architecture or process flow diagrams directly inside your Azure DevOps Wiki. These diagrams are stored alongside the page content in the repository and are subjected to the exact same governance approval workflows and audit trails as text content. No third-party diagramming subscriptions or external hosting are needed.
You can create, edit, and view architecture or process flow diagrams directly inside your Azure DevOps Wiki. These diagrams are stored alongside the page content in the repository and are subjected to the exact same governance approval workflows and audit trails as text content. No third-party diagramming subscriptions or external hosting are needed.
You lose no data.
Because Contextra Governance stores all approved content and metadata directly in your Azure DevOps Wiki Git repository, your documentation remains fully intact and accessible as standard Wiki pages even if you uninstall the extension. The governance UI simply disappears, but the underlying markdown files and Draw.io XML files remain forever.
Because Contextra Governance stores all approved content and metadata directly in your Azure DevOps Wiki Git repository, your documentation remains fully intact and accessible as standard Wiki pages even if you uninstall the extension. The governance UI simply disappears, but the underlying markdown files and Draw.io XML files remain forever.
We offer a Free Starter Plan for individual developers or small trials (up to 5 governed pages).
The Team Plan ($49/month) covers unlimited governed pages for up to 50 users with full approval lifecycle and audit logging. The Enterprise Plan ($199/month) is for unlimited users with advanced cross-project compliance dashboards and priority support.
The Team Plan ($49/month) covers unlimited governed pages for up to 50 users with full approval lifecycle and audit logging. The Enterprise Plan ($199/month) is for unlimited users with advanced cross-project compliance dashboards and priority support.
Still have questions?
Our team is happy to answer any specific questions about compliance frameworks or custom enterprise requirements.