Compliance Requirement Block
Document regulatory and compliance requirements with status tracking, evidence, and ownership. Track GDPR, SOC 2, HIPAA, PCI DSS, and other compliance obligations.
The Compliance Requirement block documents regulatory obligations and tracks compliance status. Each requirement includes the regulation source, compliance status, evidence of compliance, and ownership information.
When to Use
Block Properties
| Property | Required | Description |
|---|---|---|
| Requirement ID | No | Unique identifier (e.g., GDPR-001) |
| Requirement | Yes | The compliance requirement text |
| Regulation | No | Source regulation (GDPR, SOC 2, HIPAA, etc.) |
| Status | No | Current compliance status |
| Evidence | No | How compliance is demonstrated |
| Owner | No | Person or team responsible |
| Review Date | No | Next scheduled review |
| Notes | No | Additional context or comments |
Status Values
Supported Regulations
| Regulation | Full Name |
|---|---|
| GDPR | General Data Protection Regulation |
| SOC 2 | Service Organization Control 2 |
| HIPAA | Health Insurance Portability and Accountability Act |
| PCI DSS | Payment Card Industry Data Security Standard |
| ISO 27001 | Information Security Management |
| NIST | National Institute of Standards and Technology |
| FedRAMP | Federal Risk and Authorization Management Program |
| CCPA | California Consumer Privacy Act |
| SOX | Sarbanes-Oxley Act |
| FISMA | Federal Information Security Management Act |
Example: GDPR Data Subject Rights
A compliant GDPR requirement.
Example: SOC 2 Access Control
A requirement in progress.
Example: PCI DSS Encryption
A non-compliant finding requiring remediation.
Example: Not Applicable
A requirement that does not apply to the system.