ComplianceOS
Compliance OS for SMEs: frameworks, policies, tasks, gap analysis, and alerts for SOC 2, GDPR, HIPAA, ISO 27001.
Problem
SMEs need to demonstrate compliance across multiple frameworks (SOC 2, GDPR, HIPAA, ISO 27001) but lack a single control plane. Policies, tasks, evidence, and gap analysis live in spreadsheets and email; audits are painful and reactive.
Solution
ComplianceOS is a compliance runtime: a built-in engine with four frameworks and 100+ requirements, and a workflow that runs document upload → gap analysis → findings and tasks. A single dashboard ties together policies, tasks, frameworks, alerts, and billing. Demo mode runs with sample data and requires no Supabase or Stripe setup.
Why it matters
One platform reduces audit prep time and keeps compliance continuous instead of point-in-time. The extensible architecture (framework-as-data, webhooks, APIs) lets teams evolve coverage as regulations change.
Tech choices
- Next.js 15 — App Router, TypeScript, server and client components for dashboard and demo flows.
- Supabase — PostgreSQL and Auth for production; demo mode works without credentials.
- Stripe — Billing and subscription tiers (Starter, Professional, Business).
- Tailwind v4 — Consistent, maintainable UI; Recharts for compliance metrics.