Agentic AI Atlasby a5c.ai
/
GitHubDocsDiscord
iiRecord
Agentic AI Atlas · GRC Framework Assessment
workflow:grc-framework-assessmenta5c.ai
II.
Workflow JSON

workflow:grc-framework-assessment

Structured · live

GRC Framework Assessment json

Inspect the normalized record payload exactly as the atlas UI reads it.

File · workflows/workflows/workflows-grc.yamlCluster · workflows
Record JSON
{
  "id": "workflow:grc-framework-assessment",
  "_kind": "Workflow",
  "_file": "workflows/workflows/workflows-grc.yaml",
  "_cluster": "workflows",
  "attributes": {
    "displayName": "GRC Framework Assessment",
    "workflowKind": "governance",
    "triggerType": "scheduled",
    "typicalCadence": "quarterly",
    "complexity": "cross-team",
    "description": "Assesses organizational GRC (Governance, Risk, and Compliance) framework\nmaturity -- mapping control implementations against NIST CSF, ISO 27001,\nand SOC 2 Type II requirements, evaluating control effectiveness through\nautomated evidence collection and testing, identifying control gaps and\nredundancies across overlapping frameworks, reviewing policy document\ncurrency and attestation completion rates, and scoring organizational\nrisk posture against peer benchmarks. Produces control matrix heat maps,\nframework gap analyses, and audit readiness scorecards. Excludes control\nremediation implementation.\n"
  },
  "outgoingEdges": [
    {
      "from": "workflow:grc-framework-assessment",
      "to": "role:security-reviewer",
      "kind": "involves_role",
      "attributes": {}
    },
    {
      "from": "workflow:grc-framework-assessment",
      "to": "role:principal-engineer",
      "kind": "involves_role",
      "attributes": {}
    },
    {
      "from": "workflow:grc-framework-assessment",
      "to": "role:planner",
      "kind": "involves_role",
      "attributes": {}
    },
    {
      "from": "workflow:grc-framework-assessment",
      "to": "skill-area:incident-response",
      "kind": "requires_skill_area",
      "attributes": {}
    },
    {
      "from": "workflow:grc-framework-assessment",
      "to": "skill-area:observability-pipeline",
      "kind": "requires_skill_area",
      "attributes": {}
    },
    {
      "from": "workflow:grc-framework-assessment",
      "to": "domain:cybersecurity-grc",
      "kind": "applies_to_domain",
      "attributes": {}
    },
    {
      "from": "workflow:grc-framework-assessment",
      "to": "domain:compliance",
      "kind": "applies_to_domain",
      "attributes": {}
    },
    {
      "from": "workflow:grc-framework-assessment",
      "to": "responsibility:run-security-scans",
      "kind": "triggers_responsibility",
      "attributes": {}
    },
    {
      "from": "workflow:grc-framework-assessment",
      "to": "responsibility:threat-modeling",
      "kind": "triggers_responsibility",
      "attributes": {}
    },
    {
      "from": "workflow:grc-framework-assessment",
      "to": "org-unit:security-team",
      "kind": "performed_by_org_unit",
      "attributes": {}
    },
    {
      "from": "workflow:grc-framework-assessment",
      "to": "org-unit:risk-management-team",
      "kind": "performed_by_org_unit",
      "attributes": {}
    }
  ],
  "incomingEdges": []
}