Compliance Frameworks
SWAO Community Edition ships with four built-in compliance frameworks. Additional frameworks can be added via the community framework extension mechanism (see Contributing).
Built-in Frameworks
| Framework | ID | Controls | Domain |
|---|---|---|---|
| GDPR | gdpr | 46 | Data Protection (EU) |
| HIPAA Security Rule | hipaa | 45 | Healthcare Data (US) |
| AI 10 Pillars | ai_10_pillars | 30 | Responsible AI |
| COBIT 5 | cobit_5 | 37 | IT Governance |
| NIST SP 800-66 R2 | nist_sp_800_66r2 | 66 | Healthcare Cybersecurity (US) |
Listing Frameworks at Runtime
bash
swao framework listAdding a Custom Framework
Community frameworks live in controls/<slug>/ in the SWAO workspace. Each framework requires two files:
framework-meta.yaml-- display name, version, contributor blockcontrols.yaml-- the control definitions
See Contributing for the full contributor guide and schema reference.