With the controls in the library, we would have a few benefits:
1. Provide a description or usage manual
2. In the properties of the control, you could have a "See documentation" link that functions similarly to the other popup options.
3. A template configuration providing the developer with a base example with which to work.
4. Apply security for developers and end users. Which developers can use it, which end users can use it.
5. Remove all confusion over whether to select none/ui with event propagation/ui without event propagation, or a page module.
As it stands, instructions and location for the controls have to be handled externally to Cognos, and not all companies have internal wikis to maintain this type of documentation.
Cognos could also hash the files on the server to ensure that no tampering has occurred - if the checksums don't match, disable any reports using it until an admin has time to confirm the updated file is valid and re-enables the control. This comparison could be handled in a scheduled job.