Skip to main content

Compliance

Compliance Feature Notes will cover evidence, auditor access, policy catalogs, exports, watermarking, redaction, and SOC 2/HIPAA/GLBA mapping.

Current status:

  • Evidence and auditor-safe read foundations exist in the platform.
  • Control catalog v0 is implemented in OP-009.
  • Auditor export/redaction contracts are accepted in OP-037.
  • Auditor redaction policy runtime is implemented in OP-010.
  • Auditor export runtime is implemented in OP-037R with redacted CSV and watermarked PDF artifacts.
  • Auditor export request UI is implemented in OP-066m with API-backed request/status/hash/download controls.
  • Auditor session enforcement is implemented in OP-057 with tenant-scoped time-boxed access windows, denial audit, and read/export compatibility.
  • Auditor session countdown UI is implemented in OP-066n from the backend OP-057 access-window metadata exposed by /api/v1/session.
  • Policy catalog and tenant policy forking contracts are accepted in OP-038.
  • Policy forking runtime is implemented in OP-038R with tenant-managed forks, optimistic versioning, audit, lifecycle events, and a read-only console surface.

Current contract notes:

  • Auditor export and redaction foundation
  • Auditor redaction policy runtime
  • Auditor export runtime
  • Auditor export request UI
  • Auditor session enforcement runtime
  • Auditor session countdown UI
  • Control catalog v0
  • Policy catalog and tenant policy forking
  • Policy forking runtime