identify what requirements are satisfied by policy/evidence/integration via tag
it would be a huge help to be able to identify what policies or evidence are tied to which compliance requirements and a way to be able to keep track which requirements have not been satisfied
lravelo 17 days ago
identify what requirements are satisfied by policy/evidence/integration via tag
it would be a huge help to be able to identify what policies or evidence are tied to which compliance requirements and a way to be able to keep track which requirements have not been satisfied
lravelo 17 days ago
Show in trust page when the security audio was run
The goal is to show that on top of SOC 2 we also had an external audit. and the date and maybe some ranking or overview of it
Martin DONADIEU 6 months ago
Show in trust page when the security audio was run
The goal is to show that on top of SOC 2 we also had an external audit. and the date and maybe some ranking or overview of it
Martin DONADIEU 6 months ago
show on trust page that our SOC 2 compliance report is only available for a certain plan
The goal is to use the trust page as sales material for our enterprise plan and explain clearly how to get it.
Martin DONADIEU 6 months ago
show on trust page that our SOC 2 compliance report is only available for a certain plan
The goal is to use the trust page as sales material for our enterprise plan and explain clearly how to get it.
Martin DONADIEU 6 months ago
Ensure user has actually reviewed policies and security training videos
Feedback on the policy review and training, an employee doesn't actually have to read the policies or watch the videos, they can just mark them off as reviewed. There should be some more controls around ensuring the employee has actually done the review of the documents or played the videos.
wthomson 6 months ago
Ensure user has actually reviewed policies and security training videos
Feedback on the policy review and training, an employee doesn't actually have to read the policies or watch the videos, they can just mark them off as reviewed. There should be some more controls around ensuring the employee has actually done the review of the documents or played the videos.
wthomson 6 months ago
Ability to track policy todos
One of the biggest holdups for me is that I’ve been going through each policy and making a checklist of the claims within each policy and determining if it's currently done, an easy to-do, if it needs a process update, or something else. I’d love to have some sort of way to track/manage those within each policy (and have it on an account level). Having that built into the policies would actually be SUPER helpful. Right now, I'm doing that manually.
Zack Gilbert 6 months ago
Ability to track policy todos
One of the biggest holdups for me is that I’ve been going through each policy and making a checklist of the claims within each policy and determining if it's currently done, an easy to-do, if it needs a process update, or something else. I’d love to have some sort of way to track/manage those within each policy (and have it on an account level). Having that built into the policies would actually be SUPER helpful. Right now, I'm doing that manually.
Zack Gilbert 6 months ago
Email invites for employees for the employee portal
Shoot an invite to employee emails with the link for the employee portal.
Dustin Turska 6 months ago
Email invites for employees for the employee portal
Shoot an invite to employee emails with the link for the employee portal.
Dustin Turska 6 months ago
Integration with SentinelOne
monitor for: device status threat detection events security configurations (ensuring that they match what is required from the compliance framework in question)
lravelo 7 months ago
Integration with SentinelOne
monitor for: device status threat detection events security configurations (ensuring that they match what is required from the compliance framework in question)
lravelo 7 months ago
Integrate with MDMs (i.e., JumpCloud, Intune, Endpoint Central) to pull user endpoint info
As an alternative to installing the CompAI agent, would be great to just leverage existing MDMs and their API’s to pull end users’ device data to find out if their machines are encrypted, have an anti-virus, etc.
lravelo 7 months ago
Integrate with MDMs (i.e., JumpCloud, Intune, Endpoint Central) to pull user endpoint info
As an alternative to installing the CompAI agent, would be great to just leverage existing MDMs and their API’s to pull end users’ device data to find out if their machines are encrypted, have an anti-virus, etc.
lravelo 7 months ago
Integration with Bitbucket for automated evidence
check for things like MFA, repo visibility, etc. Would also be nice to check if accounts of terminated personnel still exist in BitBucket in order to terminate.
lravelo 7 months ago
Integration with Bitbucket for automated evidence
check for things like MFA, repo visibility, etc. Would also be nice to check if accounts of terminated personnel still exist in BitBucket in order to terminate.
lravelo 7 months ago
Automated testing of Cloudflare config & security via API
Test for certain things: MFA enforcement is enabled Notifications are enabled IP Access rules are enabled Unwanted traffic is filtered Zone level rules are configured
lravelo 7 months ago
Automated testing of Cloudflare config & security via API
Test for certain things: MFA enforcement is enabled Notifications are enabled IP Access rules are enabled Unwanted traffic is filtered Zone level rules are configured
lravelo 7 months ago
Non-Admin should not show up on policy/tasts drop-dows
When wrapping up a task I wanted to assign it to another admin but the list displays both admins and employees. Only admins should be in the lists as they’re in charge of the process, not regular employees.
Francisco Saez 7 months ago
Non-Admin should not show up on policy/tasts drop-dows
When wrapping up a task I wanted to assign it to another admin but the list displays both admins and employees. Only admins should be in the lists as they’re in charge of the process, not regular employees.
Francisco Saez 7 months ago
Completed
Policy Table Filter
The table should have quick filters by department (missing field, added as feature request) and by admin. that way I can quickly review wchich ones I need to approbe.
Francisco Saez 7 months ago
Completed
Policy Table Filter
The table should have quick filters by department (missing field, added as feature request) and by admin. that way I can quickly review wchich ones I need to approbe.
Francisco Saez 7 months ago
Add Department Row on Policy Table
As a COMP customer I’d love to see on the main policy table the field “Department” to quickly see which policlies belong to which department on this overiew table. Right now I can only see the department when the specific policy is open
Francisco Saez 7 months ago
Add Department Row on Policy Table
As a COMP customer I’d love to see on the main policy table the field “Department” to quickly see which policlies belong to which department on this overiew table. Right now I can only see the department when the specific policy is open
Francisco Saez 7 months ago
Automatic task assignment by role
As a Comp user I’d like to add the critical team members during onboarding so the different tasks are automatically split between them. Tech goes to CTO HR gos to HR/Legal Etc.etc
Francisco Saez 7 months ago
Automatic task assignment by role
As a Comp user I’d like to add the critical team members during onboarding so the different tasks are automatically split between them. Tech goes to CTO HR gos to HR/Legal Etc.etc
Francisco Saez 7 months ago
New portal themes not working
My system theme is dark, but the portal doesnt adopt it. Also when i change it to dark manually, nothing happends:
Markus Palm 7 months ago
New portal themes not working
My system theme is dark, but the portal doesnt adopt it. Also when i change it to dark manually, nothing happends:
Markus Palm 7 months ago
More branding controls in the Trust Center
Our Trust Center is embedded directly into our website and plays a key role in shaping how large customers perceive our brand. Since it’s a touchpoint designed to build confidence, it’s important that it visually aligns with our brand identity. Right now, customization options are quite limited, which creates a mismatch with our otherwise consistent brand experience. Some things I’d like to do: Color customization – Ability to set primary, secondary, and background colors. (Example: we’d like a dark background theme to match our website.) Customize the header - add a description, contact email, and external links More subtle ‘Monitored by Comp AI‘ - should be at the bottom of the page. While I totally get its value, being a fellow startup, it should be a bit more discreet, especially on a site whose whole goal is to ensure trust. I don’t want to market another startup overly on it. I think that at the bottom of the page is equally good, as someone who’s interested will scroll there to check it out anyway. I think Intercom’s Trust Center is a good example of what we’d like to achieve with branding and customizations:
Markus Palm 7 months ago
More branding controls in the Trust Center
Our Trust Center is embedded directly into our website and plays a key role in shaping how large customers perceive our brand. Since it’s a touchpoint designed to build confidence, it’s important that it visually aligns with our brand identity. Right now, customization options are quite limited, which creates a mismatch with our otherwise consistent brand experience. Some things I’d like to do: Color customization – Ability to set primary, secondary, and background colors. (Example: we’d like a dark background theme to match our website.) Customize the header - add a description, contact email, and external links More subtle ‘Monitored by Comp AI‘ - should be at the bottom of the page. While I totally get its value, being a fellow startup, it should be a bit more discreet, especially on a site whose whole goal is to ensure trust. I don’t want to market another startup overly on it. I think that at the bottom of the page is equally good, as someone who’s interested will scroll there to check it out anyway. I think Intercom’s Trust Center is a good example of what we’d like to achieve with branding and customizations:
Markus Palm 7 months ago
Category tabs in the Trust Center
Would be crucial to be able to have different category tabs in the Trust Center for all of your relevant security & privacy documents and questions. E.g. Resources, Controls, Subprocessors, FAQ, Updates, etc. The AI chat in the future could also use them as additional data sources based on which ones the user has access to. The goal is for us to have this stuff as much self-serve as possible, so it’s important that everything security-related is in one place - which for us is Comp.
Markus Palm 7 months ago
Category tabs in the Trust Center
Would be crucial to be able to have different category tabs in the Trust Center for all of your relevant security & privacy documents and questions. E.g. Resources, Controls, Subprocessors, FAQ, Updates, etc. The AI chat in the future could also use them as additional data sources based on which ones the user has access to. The goal is for us to have this stuff as much self-serve as possible, so it’s important that everything security-related is in one place - which for us is Comp.
Markus Palm 7 months ago
Resources support in Trust Center
It would be nice to have support for all kinds of resources we want to provide our customers in the Trust Center, including all of our security reports (SOC 2, etc.). It should be possible to make them ‘Request access’ only. The AI chat in the future could also use them as additional data sources based on which ones the user has access to. The goal is for us to have this stuff as much self-serve as possible, so it’s important that everything security-related is in one place - which for us is Comp.
Markus Palm 7 months ago
Resources support in Trust Center
It would be nice to have support for all kinds of resources we want to provide our customers in the Trust Center, including all of our security reports (SOC 2, etc.). It should be possible to make them ‘Request access’ only. The AI chat in the future could also use them as additional data sources based on which ones the user has access to. The goal is for us to have this stuff as much self-serve as possible, so it’s important that everything security-related is in one place - which for us is Comp.
Markus Palm 7 months ago
Support 'Updates' in Trust Center
It’s important that larger customers receive updates about any of our security changes. For that it would be amazing if the Trust Center supported an ‘Updates’ tab: And also let users subscribe to updates so they’re always up to date with the latest changes:
Markus Palm 7 months ago
Support 'Updates' in Trust Center
It’s important that larger customers receive updates about any of our security changes. For that it would be amazing if the Trust Center supported an ‘Updates’ tab: And also let users subscribe to updates so they’re always up to date with the latest changes:
Markus Palm 7 months ago