Skip to main content
The Compliance page shows how your security controls align to the compliance frameworks your organization is working toward. Instead of tracking raw framework requirements, SecurAtlas uses a unified control library — each control you implement can satisfy requirements across multiple frameworks simultaneously.

The unified control model

SecurAtlas maps its controls to industry frameworks rather than duplicating every framework requirement as a separate task. This means the control counts you see on the Compliance page reflect SecurAtlas controls aligned to that framework, not the total number of requirements the framework defines.
A single SecurAtlas control may satisfy multiple requirements within a framework, and across multiple frameworks at the same time. This is intentional — it’s how SecurAtlas avoids creating duplicate work when you’re pursuing certifications across several standards.

Summary KPIs

Four metrics appear at the top of the page:
  • Frameworks tracked — the number of frameworks you’ve selected
  • Avg readiness — the average readiness percentage across all tracked frameworks
  • Aligned controls — the total number of SecurAtlas controls that map to at least one of your active frameworks
  • Implemented — how many of those aligned controls you’ve fully implemented

Adding a framework

1

Click Add Frameworks

In the top-right corner of the Compliance page, click + Add Frameworks. This takes you to the framework selection page.
2

Select your frameworks

Browse the available frameworks — including ISO 27001, SOC 2 Type II, NIST CSF, HIPAA, PCI DSS, and others. Each listing shows whether the framework is a regulatory requirement, a certifiable standard, and the applicable region.
3

Save your selection

Confirm your selection. SecurAtlas immediately maps your existing controls to the newly selected frameworks and calculates initial readiness scores.

Reading a framework card

Each framework you’ve selected appears as a card on the Compliance page.
  • Name and key — the framework name (for example, ISO 27001) and its identifier
  • Readiness percentage — shown as a large number and as a color-coded progress bar (red below 40%, amber up to 70%, green at 70% and above)
  • Control counts — “X/Y SecurAtlas controls aligned” shows how many controls are implemented out of how many are mapped to this framework
  • Not yet implemented — the number of aligned controls still in not-started or in-progress state
  • About this framework — a brief description and tags indicating whether it’s a regulatory requirement, a certifiable standard, or specific to a region

Best and worst framework highlights

When you’re tracking more than one framework and there’s a meaningful difference (5 percentage points or more) between your highest and lowest scores, the page highlights:
  • Strongest alignment — the framework where your readiness is highest
  • Needs most attention — the framework with the most room for improvement
If all your frameworks are at similar readiness levels, a single summary tile shows your average across all of them with a note to focus on implementing controls to improve them simultaneously.

Downloading a compliance report

Click Download Report in the top-right corner to generate a PDF containing your full compliance posture — framework readiness scores, control implementation status, and evidence coverage.
The compliance report is designed for auditors and compliance reviewers. Download it before an audit engagement to give your auditor a complete picture of your current posture.
Reports are generated on demand and are also available through the API at /api/reports/compliance/{tenantId}. A link to download the report also appears on the main dashboard.