Demo ModeSample Data Only

This is a Demo Compliance Environment

No real customer data is stored here. All organizations, evidence, assessments, and control updates are seeded sample/demo data for product demonstrations.

Active demo organization: King's Healthcare, Inc. (Demo Organization)

Demo Organization Switcher

Guided audit workflow

Start A New Compliance Audit

Add the client and vendor, choose framework scope, generate control responses, and begin the assessment.

8 frameworks4 organizations4 assessments

View Assessments Customer Dashboard

Framework Library

Includes HIPAA, NIST CSF, NIST 800-171/172/53, SOC 2, ISO 27001, CIS

Organizations

Existing orgs are suggested in the wizard; new names are created automatically.

Assessments

New audits appear in Customer Dashboard, Vendor Workspace, and Assessments.

New Audit Wizard

Create a client/vendor audit engagement, choose frameworks, and auto-generate the audit scope.

Who is involved?

Enter the customer (auditor/procurement team) and the vendor (organization being assessed).

Customer Organization

Vendor Organization

Engagement Name (optional)

Assessment Name (optional)

Choose frameworks

Select one or more compliance frameworks. The wizard will generate all matching controls into the audit scope.

CIS Controls

CIS · v8 · 6 controls

HIPAA Security Rule

HIPAA · 45 CFR 164 · 6 controls

ISO/IEC 27001

ISO27001 · 2022 · 6 controls

NIST Cybersecurity Framework

NIST · 2.0 · 6 controls

NIST SP 800-171

NIST800171 · Rev. 3 · 6 controls

NIST SP 800-172

NIST800172 · Enhanced Security · 6 controls

NIST SP 800-53

NIST80053 · Rev. 5 · 6 controls

SOC 2

SOC2 · Trust Services Criteria · 6 controls

Set timeline

Set the audit start date and due date. New control responses and findings will inherit the due date.

Start Date

Due Date (optional)

Scope preview

0 frameworks selected · approximately 0 control responses will be generated

How The Workflow Works

This is the intended operating flow for customer-ready audits.

Start audit

Create customer + vendor engagement, choose framework(s), and generate the audit scope.

Vendor completes controls

Use the Vendor Workspace to update control status, attach evidence, and track requests.

Customer reviews & exports

Review queue and POA&M items in Customer Dashboard, then export assessment reports.

What gets created

`Organization` records for customer and vendor (created if missing)

`Engagement` linking the customer and vendor

`Assessment` tied to the vendor and engagement

`ControlResponse` rows for selected framework controls

`Finding` rows (legacy compatibility for current assessment pages)