GitHub

Comp AI: Open-Source Compliance Platform

What is the project about?

Comp AI is an open-source platform designed to automate and simplify compliance with various standards like SOC 2, ISO 27001, and GDPR. It aims to make compliance management accessible to companies of all sizes.

What problem does it solve?

It transforms compliance from a manual, vendor-driven process into an engineering-focused task. It addresses the complexity and often tedious nature of achieving and maintaining compliance by automating evidence collection, policy management, and control implementation. It removes the "checkbox" mentality and replaces it with a code-driven approach.

What are the features of the project?

  • Automated evidence collection.
  • Policy management.
  • Control implementation.
  • Data and infrastructure control for the user.
  • Open Core model, with the majority (99%) under AGPLv3 and a small portion ("/ee") under a commercial license.

What are the technologies used in the project?

  • Next.js
  • Trigger.dev
  • Prisma.io
  • Tailwind CSS
  • Neon
  • Upstash
  • Vercel
  • Novu
  • Postgres (>=15.x)
  • Node.js (>=20.x)
  • Bun (>=1.1.36)

What are the benefits of the project?

  • Open Source: Transparency and community involvement. Users can inspect, modify, and contribute to the codebase.
  • Automation: Reduces manual effort and potential for errors in compliance tasks.
  • Engineering-Focused: Treats compliance as a technical problem, allowing for more efficient and scalable solutions.
  • Data Control: Users maintain control over their own data and infrastructure.
  • Cost-Effective: Potentially reduces reliance on expensive third-party compliance vendors.
  • Scalability: Designed to work for companies of any size.

What are the use cases of the project?

  • Companies seeking to achieve compliance with standards like SOC 2, ISO 27001, and GDPR.
  • Organizations wanting to automate their compliance processes.
  • Businesses looking for a more transparent and controllable approach to compliance management.
  • Teams that prefer an engineering-driven solution to compliance challenges.
comp screenshot