Risk & Control

Map controls to frameworks and manage compliance exceptions.

Overview

Risk & Control helps you map internal policies to external regulatory frameworks.

Supported Frameworks

GDPR, CCPA
HIPAA
SOC2 Type II
BCBS 239
EU AI Act

Control Mapping

POST /api/v1/risk/controls
{
  "name": "Data Classification",
  "frameworks": ["GDPR:Art5", "SOC2:CC6.1"],
  "policies": ["policy:pii-classification"]
}

Exception Workflow

Track and approve policy exceptions with full audit trail.