1
0
mirror of https://github.com/strongdm/comply synced 2024-11-16 21:04:54 +00:00
Go to file
2018-07-23 11:57:14 -07:00
build Added package for missing fonts, otherwise updated pandoc 2 with pandoc -f markdown+smart doesn't work and throws a mktextfm ecrm1000 error (#46) 2018-06-15 11:49:45 -07:00
example Add gitlab issue integration (#51) 2018-07-20 17:45:20 -07:00
internal automated asset refresh (via Makefile) 2018-07-23 11:57:06 -07:00
themes automated asset refresh (via Makefile) 2018-05-18 17:33:06 -07:00
vendor dep ensure 2018-07-20 17:55:27 -07:00
.gitignore spelled .envrc wrong 2018-05-23 17:04:03 -07:00
AUTHORS.txt update to reflect contributions 2018-07-02 17:12:00 -07:00
comply.go Initial commit 2018-05-15 14:13:11 -07:00
comply.rb Initial commit 2018-05-15 14:13:11 -07:00
Gopkg.lock dep ensure 2018-07-20 17:55:27 -07:00
Gopkg.toml Initial commit 2018-05-15 14:13:11 -07:00
LICENSE.txt Initial commit 2018-05-15 14:13:11 -07:00
logo.png logo (small) 2018-05-18 17:27:28 -07:00
Makefile prepare Makefile for introduction of Windows binary 2018-07-05 17:26:29 -07:00
pdf-example.png Initial commit 2018-05-15 14:13:11 -07:00
README.md Add gitlab issue integration (#51) 2018-07-20 17:45:20 -07:00
sc-1.gif Initial commit 2018-05-15 14:13:11 -07:00
sc-2.gif Initial commit 2018-05-15 14:13:11 -07:00
sc-3.gif Initial commit 2018-05-15 14:13:11 -07:00
sc-4.gif Initial commit 2018-05-15 14:13:11 -07:00
VERSION increment patch for release (via Makefile) 2018-07-23 11:57:14 -07:00

Comply

Comply is a SOC2-focused compliance automation tool:

  • Policy Generator: markdown-powered document pipeline for publishing auditor-friendly policy documents
  • Ticketing Integration: automate compliance throughout the year via your existing ticketing system
  • SOC2 Templates: open source policy and procedure templates suitable for satisfying a SOC2 audit

Installation

macOS:

brew tap strongdm/comply; brew install comply

Linux:

Download latest release

Go users:

go get github.com/strongdm/comply

Get Started

Start with comply init:

$ mkdir my-company
$ cd my-company
$ comply init

Once comply init is complete, just git init and git push your project to a new repository. You're ready to begin editing the included policy boilerplate text.

Discussion

Join us in Comply Users

Screenshots

Demo video

Start a Project

screencast 1

Build PDFs

screencast 4 pdf example

Track Policy Coverage

screencast 3

Dashboard

screencast 2

Dependencies

Comply relies on pandoc, which can be installed directly as an OS package or invoked via Docker.

CLI

NAME:
   comply - policy compliance toolkit

USAGE:
   comply [global options] command [command options] [arguments...]

COMMANDS:
     init             initialize a new compliance repository (interactive)
     build, b         generate a static website summarizing the compliance program
     procedure, proc  create ticket by procedure ID
     scheduler        create tickets based on procedure schedule
     serve            live updating version of the build command
     sync             sync ticket status to local cache
     todo             list declared vs satisfied compliance controls
     help, h          Shows a list of commands or help for one command

Ticketing Integrations:

  • Jira
  • Github
  • Gitlab

Forking and local development

Assumes installation of golang and configuration of GOPATH in .bash_profile, .zshrc, etc Inspiration: http://code.openark.org/blog/development/forking-golang-repositories-on-github-and-managing-the-import-path

$ go get http://github.com/strongdm/comply
$ cd $GOPATH/src/github.com/strongdm/comply ; go get ./...
$ make
$ cd example
$ mv comply.yml.example comply.yml
$ ../comply -h
$ ../comply sync
$ ../comply serve
#
$ make # recompile as needed with in $GOPATH/src/github.com/strongdm/comply