Some modules use the template files that specify authorized settings. When you run a module with enabled checks that examine these settings, discrepancies are reported with a TU code in the console grid.
Similarly, some modules use the snapshot files that contain the settings that were found the last time the module was run. The snapshot file is created when you run the module for the first time. Changes are detected in subsequent policy or module runs. Settings that do not match the snapshot file are reported with a SU code in the console grid.