displayName
Compliance Technology Stack Audit
workflowKind
governance
triggerType
scheduled
typicalCadence
semi-annually
complexity
cross-team
description
Audits the technology stack supporting compliance and regulatory
obligations -- reviewing security control implementation against SOC
2, ISO 27001, and industry-specific frameworks, evaluating legal
hold and e-discovery toolchain readiness, assessing financial
reporting system controls against SOX ITGCs, auditing data privacy
infrastructure for GDPR/CCPA compliance including consent management
and data subject request fulfillment, reviewing GRC platform
configuration accuracy against control framework mappings, evaluating
automated compliance monitoring coverage and alert fidelity, and
assessing evidence collection automation maturity. Produces
compliance tech stack assessment, control gap matrix, and
remediation prioritization. Excludes policy authoring.