About Platform Workflows
This document outlines the key workflows and processes within the Iru Compliance platform, showing how different components work together to create a complete compliance management system.How It Works
The Iru Compliance platform uses structured workflows to guide organizations through the compliance process, from initial framework selection to final audit readiness. The system automates many manual tasks while providing clear visibility into progress and requirements. The platform integrates multiple components - frameworks, controls, actions, and evidence - into cohesive workflows that ensure nothing falls through the cracks and compliance requirements are met systematically.Core Workflow: From Framework to Compliance
Framework Setup
1
Select Framework
Select Framework: Choose from supported compliance standards (SOC 2, ISO 27001, ISO 42001)
2
Configure Company Profile
Company Profile: Configure your organization’s details (industry, size, tech stack)
3
Generate AI Content
AI Generation: Platform generates tailored controls and actions
4
Customize Content
Customization: Review and modify generated content as needed
Control Management
1
Review Controls
Control Review: Examine AI-generated or imported controls
2
Customize Controls
Customization: Edit controls to match your specific requirements
3
Map Controls
Mapping: Ensure controls map correctly to framework requirements
4
Validate Controls
Validation: Verify control completeness and accuracy
Action Execution
1
Assign Actions
Action Assignment: Assign actions to team members with due dates
2
Review Descriptions
Description Review: Team members review action descriptions and requirements
3
Collect Evidence
Evidence Collection: Gather required artifacts and evidence
4
Collaborate on Actions
Collaboration: Use comments and delegation features for team coordination
5
Track Progress
Progress Tracking: Monitor completion status and deadlines
Evidence Management
1
Upload Artifacts
Artifact Upload: Upload evidence files, documents, or system exports
2
Turn On Auto-Collection
Auto-Collection: Use integrations for automatic evidence gathering
3
Validate Evidence
Validation: AI validates artifact relevance and completeness
4
Link Artifacts
Linking: Connect artifacts to specific actions and controls
5
Review Evidence
Review: Ensure all evidence meets audit requirements
Readiness Assessment
1
Monitor Progress
Progress Monitoring: Track completion across all frameworks
2
Analyze Gaps
Gap Analysis: Identify missing or incomplete requirements
3
Validate Controls
Validation: Ensure all controls are properly supported by evidence
4
Generate Reports
Reporting: Generate compliance status reports for stakeholders
Integration Workflows
Automated Evidence Collection
1
Connect Sources
Source Connection: Connect to HRIS, SSO, cloud providers, and other systems
2
Configure Mapping
Mapping Configuration: Define how system data maps to compliance requirements
3
Schedule Collection
Scheduled Collection: Set up automatic evidence gathering schedules
4
Validate Evidence
Validation: AI validates collected evidence against action requirements
5
Link Evidence
Linking: Automatically link validated evidence to appropriate actions
Manual Evidence Upload
1
Select Files
File Selection: Choose appropriate evidence files
2
Enter Metadata
Metadata Entry: Add titles, descriptions, and relevant tags
3
Upload Files
Upload Process: Upload files to the platform
4
Validate with AI
AI Validation: System validates file relevance and completeness
5
Review Manually
Manual Review: Team members review and approve evidence
Collaboration Workflows
Team Coordination
1
Distribute Assignments
Assignment Distribution: Assign actions to appropriate team members
2
Handle Delegation
Delegation: Transfer ownership when needed
3
Use Comments
Comment System: Use threaded comments for discussion and clarification
4
Track Activity
Activity Tracking: Monitor all changes and updates
5
Manage Notifications
Notification System: Stay informed of relevant updates and deadlines
Audit Preparation
1
Compile Evidence
Evidence Compilation: Gather all required evidence in one place
2
Review Validation
Validation Review: Ensure all evidence passes AI validation
3
Identify Gaps
Gap Identification: Identify and address any missing requirements
4
Prepare Documentation
Documentation: Prepare complete audit documentation
5
Review with Stakeholders
Stakeholder Review: Share compliance status with relevant parties