π Compliance Registers (MVP)¶
What They Do¶
Central registers for tracking compliance-critical information in one place.
Core Registers¶
1. Risk Register¶
- Track identified risks
- Rate likelihood and impact
- Monitor treatments
- Get board acceptance
- Show risk trends over time
2. Incident Register¶
- Log security incidents
- Track response actions
- Document lessons learned
- Report to board/regulators
- Identify patterns
3. Asset Register (Post-MVP)¶
- Critical systems inventory
- Data classification
- Owner assignment
- E8 compliance tracking
How It Works¶
Simple Data Entry
- Form-based input
- Required fields only
- Auto-calculated risk scores
- Clear status tracking
Easy Reporting
- Export to PDF/Excel
- Include in board reports
- Filter by status/date
- Visual dashboards
Compliance Ready
- Audit trail built-in
- Date/user stamping
- Change history
- Evidence attachment
Business Value¶
- Never lose track of risks or incidents
- One place for auditors to review
- Show improving over time
- Board visibility automatic
MVP Limitations¶
- Manual data entry (no API integration)
- Basic reporting (PDF/Excel export)
- Standard fields only (no customization)
Good enough to demonstrate compliance and track what matters.