Cross-Functional · Framework · Advanced · Saves 55+ hours
Compliance Management System
A system for managing compliance obligations.
What's included
- Compliance Inventory
  - Regulatory requirements
  - Contractual requirements
  - Industry standards
- Compliance Operations
  - Control mapping
  - Evidence collection
  - Monitoring and testing
  - Issue management
- Governance
  - Compliance ownership
  - Reporting cadence
  - Audit management
Best used when
- Multiple compliance frameworks
- Growing compliance requirements
- Audit preparation
- Compliance program maturity
Why this is Gold
Compliance is complex. This system makes it manageable.
The template
COMPLIANCE MANAGEMENT
Compliance Inventory
COMPLIANCE REQUIREMENTS INVENTORY
REGULATORY:
| Requirement | Applies? | Status | Owner |
|-------------|----------|--------|-------|
| GDPR | ☐ Yes ☐ No | ☐ Compliant | |
| CCPA | ☐ Yes ☐ No | ☐ Compliant | |
| HIPAA | ☐ Yes ☐ No | ☐ Compliant | |
| PCI DSS | ☐ Yes ☐ No | ☐ Compliant | |
CERTIFICATIONS:
| Certification | Applies? | Status | Next Audit |
|---------------|----------|--------|------------|
| SOC 2 | ☐ Yes ☐ No | ☐ Current | |
| ISO 27001 | ☐ Yes ☐ No | ☐ Current | |
| HIPAA | ☐ Yes ☐ No | ☐ Current | |
CONTRACTUAL:
| Customer | Requirement | Status |
|----------|-------------|--------|
| | | ☐ Compliant |
| | | ☐ Compliant |
Compliance Control Mapping
CONTROL MAPPING
CONTROL: _______________
ADDRESSES:
☐ SOC 2: _______________
☐ ISO 27001: _______________
☐ GDPR: _______________
☐ HIPAA: _______________
EVIDENCE:
| Evidence Type | Location | Frequency |
|---------------|----------|-----------|
| | | |
| | | |
OWNER: _______________
Review frequency: _______________
Compliance Calendar
| Task | Frequency | Due | Owner | Status |
|---|---|---|---|---|
| Access reviews | Quarterly | ☐ | | |
| Policy reviews | Annual | ☐ | | |
| Pen test | Annual | ☐ | | |
| SOC 2 audit | Annual | ☐ | | |
| Training | Annual | ☐ | | |
Frequently asked questions
What is the Compliance Management System?
A system for managing compliance obligations.
Who is the Compliance Management System for?
It is built for cross-functional teams working on Security & Compliance. The AI coach adapts it to your company, stage, and goals.
How long does the Compliance Management System take to use?
It saves roughly 55+ hours versus building from scratch. Our AI coach can tailor the framework to your situation in minutes, then hand you a step-by-step plan.
Is the Compliance Management System free?
Yes. You can read the full framework and start getting coached through it for free. Sign in to save your tailored version and track your next steps.
How does the AI coach help with the Compliance Management System?
The coach teaches you the framework, asks a few questions about your business, tailors the framework to you, and gives you measurable next steps to execute.