Security posture
ComplianceOS is designed for secure pilots. It is not certified FedRAMP, HIPAA, SOC 2, or OSHA compliance by itself.
Organization-scoped authorization on server routes
Role-based access controls
Audit logging for sensitive actions
Evidence checksum tracking
AI outputs require citations and human review for high-risk findings
Security headers configured in Next.js