⌘K

Controls Library

247 controls implemented across 8 frameworks. 96.8% controls passing continuous testing. Live evidence linked to data products and policies.

Active controls
247
Across the library
Frameworks mapped
8
DPDP, RBI, ISO, SOC 2, PCI, Basel, IRDAI, internal
Passing · 30d
96.8%
Continuous testing
Failing now
4
Exception workflow active
In remediation
12
Restoring passing state
Evidence · 30d
247K
Collected automatically

Framework adherence summary

247 unique controls cover 455 framework mappings
FrameworkMappedPassingAdherenceLast attestationNext dueStatus
DPDP (Digital Personal Data Protection Act 2023)4747
100%
Q1 2026 · 14 Apr 2026Q2 2026 · 14 Jul 2026Ready
RBI Master Directions8482
97.6%
14 Apr 2026Quarterly2 in remediation
ISO 27001:20228784
96.6%
12 Oct 202512 Oct 20263 in remediation
SOC 2 Type II6462
96.9%
18 Jan 202618 Jan 20272 in remediation
PCI DSS v4.04747
100%
4 Mar 20264 Mar 2027Ready
Basel III Pillar 32424
100%
14 Apr 2026QuarterlyReady
IRDAI (insurance regulation)1818
100%
14 Apr 2026QuarterlyReady
Internal Pinnacle Framework8481
96.4%
1 May 20261 Jun 20263 in remediation

Control category breakdown

Access control47
Data protection62
Audit and logging38
Change management28
Incident response18
Vendor and third-party22
Continuity14
Human and process18

Recent control activity

  • DPDP-C-014 Aadhaar masking compliance passed continuous test· 14 min ago

    8.7M records validated · 0 violations

  • RBI-C-038 Data localization for retail customer data passed continuous test· 1 hr ago

    Verified across Fabric, Databricks, Snowflake

  • ISO-A.5.34 Privacy in product development attestation completed· 2 hr ago

    Attested by Meera Pillai (Compliance Lead)

  • RBI-C-072 Cross-border data sharing — exception logged· 4 hr ago

    Singapore audit access · approved · expires 30 Jun 2026

  • ISO-A.8.10 Information deletion updated· 6 hr ago

    Aligned to Nov 2025 DPDP Rules clarification

  • SOC-CC8.1 Change management — Q2 evidence sample collected· 8 hr ago

    47 production changes reviewed · all properly approved

  • DPDP-C-022 Data principal rights workflow attested· 12 hr ago

    Monthly attestation completed

  • ISO-A.5.15 Access control policy annual review· 1 day ago

    Compliance Lead and CISO sign-off

  • PCI-DSS-3.4 Cardholder data masking Q2 evidence collected· 1 day ago

    47K masking enforcement events captured

  • AI-C-018 AI agent grounding integrity proposed· 2 days ago

    Under review by Compliance Lead

  • RBI-C-044 Aadhaar handling re-tested after April 2026 amendment· 3 days ago

    All consumer surfaces verified

  • Annual control library review completed for FY2025-26· 4 days ago

    247 controls reaffirmed

Recommendations

  • DPDP Phase 2 (14 Nov 2026) — 3 new requirements
    2 are already covered by existing controls; 1 requires a new control. Draft prepared and awaiting Compliance Lead review.
  • ISO 27001:2022 — all 11 net-new controls covered
    Annual surveillance audit recommended within 90 days. Audit package can be generated from the Reports tab.
  • PCI DSS v4.0.1 future-dated requirements
    v4.0 compliance complete. Future-dated requirements (1 Jan 2025) preparation begins now. Gap analysis available.
  • Cross-mapping opportunity
    14 controls currently mapped to a single framework could be cross-mapped to additional frameworks — reduces attestation effort by ~12 hours per cycle.