Compliance Tracker

Continuous compliance monitoring · Next audit: Apr 15

SOC 2 Type II

92%

10✓2~1✗/ 12 controls

ISO 27001

87%

11✓2~1✗/ 14 controls

HIPAA

78%

6✓2~1✗/ 9 controls

PCI-DSS

95%

8✓/ 8 controls

SOC 2 Type II — Control Matrix

Control ID	Name	Status	Evidence	Owner	Last Reviewed
CC1.1	Demonstrates commitment to integrity and ethical values CC1 — COSO	Pass	4	a.petrov	Mar 1
CC2.1	Communicates internally about objectives and responsibilities CC2 — Communication	Pass	6	a.petrov	Feb 28
CC3.1	Specifies suitable objectives to identify and assess risk CC3 — Risk Assess.	Pass	3	m.chen	Feb 27
CC6.1	Implements logical access security measures CC6 — Logical Access	Pass	12	j.admin	Mar 2
CC6.2	Prior to issuing system credentials, entity registers users CC6 — Logical Access	Pass	8	j.admin	Mar 1
CC6.3	Removes access when no longer required CC6 — Logical Access	Partial	2	d.lee	Feb 20
CC7.1	Detects and monitors for new vulnerabilities CC7 — System Ops.	Pass	9	s.reed	Mar 2
CC7.2	Monitors system components for anomalous behaviour CC7 — System Ops.	Pass	15	s.reed	Mar 2
CC8.1	Authorises, designs, develops, and implements changes CC8 — Change Mgmt.	Partial	1	p.nair	Feb 15
CC9.1	Identifies, selects, and develops risk mitigation activities CC9 — Risk Mitigation	Pass	5	m.chen	Feb 28
A1.1	Current processing capacity and usage managed to meet demands A1 — Availability	Pass	7	p.nair	Mar 1
PI1.1	Prepares and processes data to meet entity objectives PI1 — Processing Int.	Fail	0	unassigned	—

CC1.1Pass

Demonstrates commitment to integrity and ethical values

CC1 — COSOa.petrov · Mar 1

CC2.1Pass

Communicates internally about objectives and responsibilities

CC2 — Communicationa.petrov · Feb 28

CC3.1Pass

Specifies suitable objectives to identify and assess risk

CC3 — Risk Assess.m.chen · Feb 27

CC6.1Pass

Implements logical access security measures

CC6 — Logical Accessj.admin · Mar 2

CC6.2Pass

Prior to issuing system credentials, entity registers users

CC6 — Logical Accessj.admin · Mar 1

CC6.3Partial

Removes access when no longer required

CC6 — Logical Accessd.lee · Feb 20

CC7.1Pass

Detects and monitors for new vulnerabilities

CC7 — System Ops.s.reed · Mar 2

CC7.2Pass

Monitors system components for anomalous behaviour

CC7 — System Ops.s.reed · Mar 2

CC8.1Partial

Authorises, designs, develops, and implements changes

CC8 — Change Mgmt.p.nair · Feb 15

CC9.1Pass

Identifies, selects, and develops risk mitigation activities

CC9 — Risk Mitigationm.chen · Feb 28

A1.1Pass

Current processing capacity and usage managed to meet demands

A1 — Availabilityp.nair · Mar 1

PI1.1Fail

Prepares and processes data to meet entity objectives

PI1 — Processing Int.unassigned · —