Comply is a SOC2-focused compliance automation tool:
- Policy Generator: markdown-powered document pipeline for publishing auditor-friendly policy documents
- Ticketing Integration: automate compliance throughout the year via your existing ticketing system
- SOC2 Templates: open source policy and procedure templates suitable for satisfying a SOC2 audit
macOS:
brew tap strongdm/comply; brew install comply
Linux:
Go users:
go get github.com/strongdm/comply
Start with comply init
:
$ mkdir my-company
$ cd my-company
$ comply init
Once comply init
is complete, just git init
and git push
your project to a new repository. You're ready to begin editing the included policy boilerplate text.
Join us in Comply Users
Comply relies on pandoc, which can be installed directly as an OS package or invoked via Docker.
NAME:
comply - policy compliance toolkit
USAGE:
comply [global options] command [command options] [arguments...]
COMMANDS:
init initialize a new compliance repository (interactive)
build, b generate a static website summarizing the compliance program
procedure, proc create ticket by procedure ID
scheduler create tickets based on procedure schedule
serve live updating version of the build command
sync sync ticket status to local cache
todo list declared vs satisfied compliance controls
help, h Shows a list of commands or help for one command
- Jira
- Github
- Gitlab
Assumes installation of golang and configuration of GOPATH in .bash_profile, .zshrc, etc Inspiration: http://code.openark.org/blog/development/forking-golang-repositories-on-github-and-managing-the-import-path
$ go get http://github.com/strongdm/comply
$ cd $GOPATH/src/github.com/strongdm/comply ; go get ./...
$ make
$ cd example
$ mv comply.yml.example comply.yml
$ ../comply -h
$ ../comply sync
$ ../comply serve
#
$ make # recompile as needed with in $GOPATH/src/github.com/strongdm/comply