Live demoFictional sample data. Explore every screen. Nothing you click is saved.Fictional sample data. Nothing is saved.
Sign up for a real accountSign up18Compliance
Jurisdictional legal and regulatory obligations, tracked separately from framework controls — e.g. breach notification deadlines, registration renewals, and disclosure requirements.
Significant incidents must be reported to the competent authority within 24 hours of awareness.
Related control: CC7.4 — Incident response tested
Annual registration renewal with the California Privacy Protection Agency.
Annual review of the appointed Article 27 UK representative.
Material cybersecurity incidents must be disclosed within 4 business days of determination.
Related control: CC7.4 — Incident response tested