Documentation rendue
Cette page rend le Markdown et Mermaid du module directement depuis la source publique de documentation.
Overview#
The Compliance domain manages compliance frameworks, policy bundles, and regulatory controls. It provides a centralized system for tracking compliance with regulatory standards (GDPR, HIPAA, SOC2, PCI-DSS, ISO 27001, NIST) and managing policy rule sets that enforce these standards.
Key Features#
- Centralized compliance framework registry with versioned control definitions
- Policy bundle management with cryptographic fingerprinting and versioning
- Bundle activation workflow with validation, pre-activation checks, and rollback support
- Control validation to identify missing compliance requirements
- Policy rules with configurable actions (ALLOW, DENY, AUDIT, ALERT, REQUIRE_APPROVAL)
- Support for GDPR, HIPAA, SOC2, PCI-DSS, ISO 27001, and NIST frameworks
- Immutable audit logs for all compliance changes
- Automated compliance reporting with gap analysis
Use Cases#
- Tracking organizational compliance across multiple regulatory frameworks
- Managing and activating versioned policy bundles for enforcement
- Validating control implementation against framework requirements
- Generating compliance reports with gap identification and remediation recommendations
Integration#
Integrates with policy enforcement, audit logging, and security services. Supports organization-specific compliance configurations.
Last Reviewed: 2026-02-05