Public roadmap

What ships next

Updated 2 May 2026 · Customers vote at roadmap@compliancly.ai

Now (in QA / staging)

• 10 additional framework mappings (HIPAA, GDPR, NIST CSF v2, NIST 800-53, FedRAMP Moderate, NIS2, DORA, ISO 27017, ISO 27018, ISO 27701)
• Vendor-risk library — 1,000+ pre-assessed vendors with cached SOC 2 status
• Risk register with quantification (likelihood × impact × residual)
• Security questionnaire auto-fill from policy library
• Trust report PDF auto-generation

Next 90 days

• SOC 2 Type I attestation (us — eat our own dog food)
• 50+ deep integrations: HRIS (BambooHR, Rippling, Workday, Hibob), MDM (Kandji, Jamf, Intune, Hexnode), SSO (Okta, Azure AD, Google), EDR (CrowdStrike, SentinelOne), SIEM (Splunk, Datadog, Elastic)
• Python SDK + CLI on PyPI
• Terraform provider
• AWS Marketplace listing
• Slack + Teams notification bots

Next 6 months

• EU region (eu-central-1)
• US region (us-east-1)
• ISO 27001 attestation
• Auto-fix PR for IaC findings (Terraform, CloudFormation)
• Custom framework builder
• Risk-quantification (FAIR + RVR)
• Background-check orchestration (Checkr, Certn)
• Mobile companion app (iOS + Android, read-only)

Next 12 months

• HIPAA BAA + PCI-DSS Level 1
• FedRAMP Moderate (US gov segment)
• vCISO retainer offering
• Pen-test-as-a-service (with humans)
• Reseller / MSSP white-label

Items move based on real customer usage. Promised dates are targets, not contracts. Roadmap items in shipped today on the homepage are the only items billed. Contact us with regulatory must-haves.