The Compliance area of the dashboard shows how your code checks map to the compliance frameworks your organization is held to, and is where you produce evidence for an audit.

Framework coverage

The compliance views show, for each active framework, which controls your checks cover and where you have gaps. This is the same mapping described in Compliance overview: policies map to controls, controls roll up into frameworks. The frameworks available to you depend on your plan and your organization’s configuration.

Export evidence

When it’s time for an audit, export structured evidence rather than screenshots:

OSCAL export

Export NIST OSCAL documents for auditors and GRC tools.

SBOM export

Generate a CycloneDX or SPDX Software Bill of Materials.

Combine overlapping frameworks

If you’re held to more than one framework, PolicyMerge shows where their controls overlap so you can assess once and satisfy several. See PolicyMerge.

Next steps

Compliance overview

How frameworks, controls, and policies fit together.

PolicyMerge

Read the overlap view.