β‘ GetCimple Quick Reference¶
Everything you need to know about GetCimple in one concise document.
π― What We're Building¶
GetCimple: A cybersecurity compliance SaaS platform that createst a win-win between board directors (who need oversight) and management teams (who handle implementation).
Target Market: Australian businesses (\(2M-\)20M turnover) with board directors facing personal liability under Section 180 of the Corporations Act.
π Core Values Checklist¶
Before any decision, ask:
β Simplicity¶
- Is this the simplest solution?
- Can non-technical directors understand it?
- Does it reduce complexity?
β Dual Value¶
- Does it help directors with oversight?
- Does it help management with implementation?
- Is it a win-win for both?
β Sustainability¶
- Can our 3-person team maintain this?
- Is it built at a calm pace?
- Will it work long-term?
π MVP Scope (What We're Building First)¶
Core Features¶
- β Multi-tenant architecture with Kinde Auth
- β Essential Eight compliance tracking
- β Director dashboard (governance view)
- β Management dashboard (implementation view)
- β Policy management & acknowledgment
- β Basic reporting for board meetings
Not in MVP¶
- β WhatsApp integration (post-MVP)
- β AI agents (post-MVP)
- β Advanced automation (post-MVP)
- β Cross-board unified views (never - regulatory requirement)
π οΈ Tech Stack¶
- Frontend: SvelteKit + TypeScript
- UI: Tailwind CSS + shadcn-svelte
- Backend: Cloudflare Workers
- Database: Supabase (PostgreSQL with RLS)
- Auth: Kinde
- Deployment: Cloudflare Pages
- Automation: n8n (future)
π Key Messaging¶
What We Say¶
- β "Governance oversight platform"
- β "Helps directors demonstrate due diligence"
- β "IT teams maintain full autonomy"
- β "Efficient context switching between boards"
What We Don't Say¶
- β "Technical security tool"
- β "Replaces IT decisions"
- β "Unified cross-board view"
- β "Antivirus replacement"
π§ Development Commands¶
# Documentation
npm run docs:internal:serve # Start docs server
npm run format:docs # Format all docs
npm run docs:check:all # Run all checks
# Code quality
npm run lint # Run linter
npm run format # Format code
npm run test # Run tests
# Git workflow
git checkout -b feat/feature-name # New feature
git checkout -b fix/issue-name # Bug fix
git checkout -b docs/update-name # Documentation
π₯ Our Users¶
Board Directors¶
- Time-poor, need quick oversight
- Concerned about personal liability
- Serve on multiple boards
- Not necessarily technical
Management Teams¶
- Handle day-to-day implementation
- Need to "manage up" effectively
- Want to reduce reporting burden
- Need clear compliance guidance
π Success Metrics¶
Technical¶
- Page load < 2 seconds
- 99.9% uptime
- Zero security breaches
- All features documented
Business¶
- Directors save time on governance
- Management reduces reporting effort
- Clear evidence of compliance
- Both stakeholders see value
π¨ Red Flags to Avoid¶
- Enterprise Theater: Complex processes inappropriate for our size
- Feature Creep: Adding features without clear dual value
- Over-Engineering: Building for problems we don't have
- Unified Board Views: Regulatory violation - keep boards separate
π Quick Resources¶
- Docs:
/docs-internal/- Internal documentation - Specs:
/specs/- Feature specifications - CLAUDE.md: Root directory - AI assistant instructions
- Deployment: Cloudflare Pages auto-deploys on push
π― Daily Checklist¶
- Are we building something both directors AND management need?
- Is it simple enough for our users?
- Can we maintain it with 3 people?
- Does it move us toward product-market fit?
Remember: We're a 3-person startup. Keep it simple, valuable, and focused on our dual users!