Imagine if there were a standardized API model and data model for retrieving control evidence? Something that security/GRC practitioners, control owners, and auditors could consistently validate the completeness and accuracy of and thus trust as a gold standard source of truth for compliance audits of all kinds?
That's what we're building here.
The convo that started it all: https://www.linkedin.com/posts/ayoubfandi_grcengineering-complianceautomation-helpmyfriendjson-activity-7308816365061062656-HJXT