GRC Platform | Governance, Risk & Compliance

Demo ModeSample Data Only

This is a Demo Compliance Environment

No real customer data is stored here. All organizations, evidence, assessments, and control updates are seeded sample/demo data for product demonstrations.

Active demo organization: King's Healthcare, Inc. (Demo Organization)

Demo Organization Switcher

Control	Domain	Framework	Risk	Owner	Notes
A1.2 Availability Commitments	Availability	SOC 2	High	Security	Control requires remediation and/or additional evidence for audit readiness.
CC1.1 Integrity and Ethical Values	Control Environment	SOC 2	—	Compliance	Control implemented and evidence collected for demo audit review.
CC2.1 Board Oversight	Communication & Information	SOC 2	High	IT	Control requires remediation and/or additional evidence for audit readiness.
CC6.1 Logical Access Controls	Logical and Physical Access Controls	SOC 2	—	Platform	Control implemented and evidence collected for demo audit review.
CC7.2 System Monitoring	System Operations	SOC 2	Low	Engineering	Control requires remediation and/or additional evidence for audit readiness.
CC8.1 Change Management	Change Management	SOC 2	High	GRC	Control requires remediation and/or additional evidence for audit readiness.
A.5.1 Policies for Information Security	Organizational Controls	ISO/IEC 27001	—	Security	Control implemented and evidence collected for demo audit review.
A.5.15 Access Control	Organizational Controls	ISO/IEC 27001	—	Compliance	Control not applicable in this demo assessment scope.
A.5.23 Information Security for Cloud Services	Organizational Controls	ISO/IEC 27001	Medium	IT	Control requires remediation and/or additional evidence for audit readiness.
A.8.15 Logging	Technological Controls	ISO/IEC 27001	—	Platform	Control implemented and evidence collected for demo audit review.
A.8.16 Monitoring Activities	Technological Controls	ISO/IEC 27001	High	Engineering	Control requires remediation and/or additional evidence for audit readiness.
A.8.28 Secure Coding	Technological Controls	ISO/IEC 27001	—	GRC	Control implemented and evidence collected for demo audit review.

Control

Domain

Framework

Status

Risk

Owner

Notes

A1.2

Availability Commitments

Availability

SOC 2

High

Security

Control requires remediation and/or additional evidence for audit readiness.

CC1.1

Integrity and Ethical Values

Control Environment

SOC 2

—

Compliance

Control implemented and evidence collected for demo audit review.

CC2.1

Board Oversight

Communication & Information

SOC 2

High

Control requires remediation and/or additional evidence for audit readiness.

CC6.1

Logical Access Controls

Logical and Physical Access Controls

SOC 2

—

Platform

Control implemented and evidence collected for demo audit review.

CC7.2

System Monitoring

System Operations

SOC 2

Low

Engineering

Control requires remediation and/or additional evidence for audit readiness.

CC8.1

Change Management

SOC 2

High

GRC

Control requires remediation and/or additional evidence for audit readiness.

A.5.1

Policies for Information Security

Organizational Controls

ISO/IEC 27001

—

Security

Control implemented and evidence collected for demo audit review.

A.5.15

Access Control

Organizational Controls

ISO/IEC 27001

—

Compliance

Control not applicable in this demo assessment scope.

A.5.23

Information Security for Cloud Services

Organizational Controls

ISO/IEC 27001

Medium

Control requires remediation and/or additional evidence for audit readiness.

A.8.15

Logging

Technological Controls

ISO/IEC 27001

—

Platform

Control implemented and evidence collected for demo audit review.

A.8.16

Monitoring Activities

Technological Controls

ISO/IEC 27001

High

Engineering

Control requires remediation and/or additional evidence for audit readiness.

A.8.28

Secure Coding

Technological Controls

ISO/IEC 27001

—

GRC

Control implemented and evidence collected for demo audit review.

King's FinTech, Inc. Control Validation Review

Assessment Controls