Real-Time Compliance Score
Live compliance percentage calculated from control status, evidence, and attestations. Track trends over time.
Compliance Dashboard
The GLACIS Compliance Dashboard provides a unified view of your AI compliance posture. Monitor real-time compliance scores, manage evidence, track attestations, and generate audit-ready reports.
Dashboard Overview
┌─────────────────────────────────────────────────────────────────┐│ GLACIS Dashboard │├─────────────────────────────────────────────────────────────────┤│ ││ ┌─────────────────────────────────────────────────────────┐ ││ │ Compliance Score: 67% ↑5% (30d) │ ││ │ ████████████████████░░░░░░░░░░ │ ││ └─────────────────────────────────────────────────────────┘ ││ ││ ┌──────────────┐ ┌──────────────┐ ┌──────────────┐ ││ │ AI Systems │ │ Controls │ │ Attestations │ ││ │ 5 │ │ 156/184 │ │ 50,847 │ ││ │ registered │ │ applicable │ │ this month │ ││ └──────────────┘ └──────────────┘ └──────────────┘ ││ ││ Recent Activity ││ • L2 attestation received (2 min ago) ││ • Control A.6.2.6 implemented (1 hour ago) ││ • Policy document uploaded (3 hours ago) ││ │└─────────────────────────────────────────────────────────────────┘Key Features
Control Library
All 184 ISO 42001 controls with implementation status, evidence links, and ownership assignments.
Evidence Management
Collect, organize, and link evidence to controls. Supports attestations, documents, and external links.
Gap Analysis
AI-powered gap identification with prioritized remediation recommendations.
Attestation Viewer
Browse attestations, verify Merkle proofs, and inspect policy scores.
Export & Reports
Generate OSCAL packages, Statements of Applicability, and executive reports.
Navigation
Sidebar Menu
| Section | Description |
|---|---|
| Home | Dashboard overview and quick stats |
| Controls | Browse and manage ISO 42001 controls |
| Evidence | Upload and manage evidence |
| Attestations | View attestations from sidecars |
| AI Systems | Manage AI system registry |
| Gap Analysis | View and prioritize gaps |
| Reports | Generate compliance reports |
| Settings | Organization and user settings |
Compliance Score
The compliance score is calculated based on:
Score = (Implemented Controls / Applicable Controls) × 100
Where:- Implemented = Status is "implemented" AND evidence exists- Applicable = Controls marked as applicable in SOADomain Breakdown
┌────────────────────────────────────────────────────┐│ Domain Compliance │├────────────────────────────────────────────────────┤│ A.2 Governance ████████████████░░░░ 85% ││ A.4 Inventory ████████████████████ 100% ││ A.5 Assessments █████████░░░░░░░░░░░ 45% ││ A.6 Lifecycle ██████████████░░░░░░ 72% ││ A.7 Data ████████████░░░░░░░░ 60% ││ A.8 Operations ███████████░░░░░░░░░ 55% ││ A.9 Use ██████████████░░░░░░ 70% ││ A.10 Third-Party ██████████░░░░░░░░░░ 50% │└────────────────────────────────────────────────────┘Trend Analysis
View compliance progress over time:
- 7-day trend
- 30-day trend
- 90-day trend
- Custom date range
Control Management
Control Status
Each control has one of three statuses:
| Status | Description | Visual |
|---|---|---|
| Not Started | No implementation or evidence | ⚪ Gray |
| In Progress | Partial implementation | 🟡 Yellow |
| Implemented | Complete with evidence | 🟢 Green |
Control Details
Click any control to view:
┌─────────────────────────────────────────────────────────────┐│ A.6.2.6 - AI System Monitoring │├─────────────────────────────────────────────────────────────┤│ Domain: A.6 - AI System Lifecycle ││ Status: Implemented ✓ ││ Owner: Sarah Chen (security@acme.com) ││ Applicable: Yes ││ ││ Description: ││ The organization shall monitor AI systems during ││ operation to detect anomalies and performance issues. ││ ││ Guidance: ││ Implement continuous monitoring including logging, ││ alerting, and regular review of AI system behavior. ││ ││ Evidence (1,247 items): ││ • 1,245 attestations (auto-mapped) ││ • 1 document: "Monitoring Policy v2.pdf" ││ • 1 link: "Datadog Dashboard" ││ ││ [Add Evidence] [Update Status] [Edit] │└─────────────────────────────────────────────────────────────┘Evidence Management
Evidence Types
Attestations
Automatically captured from GLACIS sidecars. Includes L0 metadata and L2 evidence with policy scores.
Auto-mapped to relevant controls.
Documents
Upload policy documents, procedures, audit reports. Supports PDF, DOCX, and images.
Manual upload with metadata.
Links
Reference external systems like monitoring dashboards, ticketing systems, or repositories.
URL with description.
Uploading Evidence
- Navigate to Evidence or the specific control
- Click Add Evidence
- Select evidence type
- Upload file or enter URL
- Add title and description
- Link to controls (auto-suggested)
- Save
Auto-Evidence
Attestations from sidecars are automatically:
- Received via webhook
- Validated and stored
- Mapped to applicable controls
- Counted in compliance score
AI Systems Registry
Manage your AI system inventory:
┌─────────────────────────────────────────────────────────────┐│ AI Systems [+ Add New] │├─────────────────────────────────────────────────────────────┤│ ┌─────────────────────────────────────────────────────┐ ││ │ 🤖 Customer Support Chatbot │ ││ │ Risk: Medium | Status: Production │ ││ │ Model: GPT-4 | Monthly: 10,000 interactions │ ││ │ Last attestation: 2 minutes ago │ ││ └─────────────────────────────────────────────────────┘ ││ ││ ┌─────────────────────────────────────────────────────┐ ││ │ 🎯 Fraud Detection Model │ ││ │ Risk: High | Status: Production │ ││ │ Model: Custom ML | Monthly: 500,000 evaluations │ ││ │ Last attestation: 5 minutes ago │ ││ └─────────────────────────────────────────────────────┘ ││ ││ ┌─────────────────────────────────────────────────────┐ ││ │ 📊 Recommendation Engine │ ││ │ Risk: Low | Status: Production │ ││ │ Model: Collaborative Filtering | Monthly: 1M │ ││ │ Last attestation: 1 hour ago │ ││ └─────────────────────────────────────────────────────┘ │└─────────────────────────────────────────────────────────────┘System Details
For each AI system, track:
- Name and description
- Risk tier (High/Medium/Low)
- Deployment status
- Data access categories
- User exposure
- Related controls
- Attestation history
Attestation Viewer
Browse and inspect attestations:
┌─────────────────────────────────────────────────────────────┐│ Attestations [Filter] [Export] │├─────────────────────────────────────────────────────────────┤│ Level │ Epoch │ Time │ Policies │ Actions │├─────────────────────────────────────────────────────────────┤│ L2 ● │ epoch_011514 │ 2min ago │ ✓ ✓ ✓ │ [View] ││ L0 ○ │ epoch_011514 │ 2min ago │ — │ [View] ││ L2 ● │ epoch_011514 │ 5min ago │ ✓ ✓ ✓ │ [View] ││ L0 ○ │ epoch_011514 │ 5min ago │ — │ [View] ││ L0 ○ │ epoch_011514 │ 6min ago │ — │ [View] ││ L2 ● │ epoch_011514 │ 10min ago │ ✓ ⚠ ✓ │ [View] │└─────────────────────────────────────────────────────────────┘Attestation Details
┌─────────────────────────────────────────────────────────────┐│ Attestation att_xyz789 │├─────────────────────────────────────────────────────────────┤│ Level: L2 ││ Epoch: epoch_2024011514 ││ Timestamp: 2024-01-15T14:30:00Z ││ ││ Policy Scores: ││ • Toxicity: 0.05 ✓ ││ • PII: Not detected ✓ ││ • Bias: 0.02 ✓ ││ ││ Cryptographic Proof: ││ • Request commitment: sha256:abc123... ││ • Evidence commitment: sha256:def456... ││ • Signature: ed25519:ghi789... ✓ Valid ││ ││ Merkle Proof: ││ • Root: 0x123... ││ • Index: 1247 ││ • Verified: ✓ ││ ││ [Verify Proof] [View Raw] [Download] │└─────────────────────────────────────────────────────────────┘Reports & Export
Available Exports
| Format | Description | Use Case |
|---|---|---|
| OSCAL | NIST standard JSON | Automated compliance tools |
| SOA | Statement of Applicability | ISO 42001 certification |
| Executive summary | Board reporting | |
| CSV | Control status | Spreadsheet analysis |
Creating Reports
- Navigate to Reports
- Select report type
- Choose date range or snapshot
- Click Generate
- Download or share
Settings
Organization Settings
- Organization name and details
- Default framework selection
- Attestation webhook URL
- Notification preferences
User Management
- Invite team members
- Assign roles (Admin, Editor, Viewer)
- Manage permissions
API Keys
- Generate API keys
- Set key scopes
- Rotate keys
- View usage
Next Steps
Control Library Browse and manage ISO 42001 controls.
Evidence Management Learn how to collect and organize evidence.
Gap Analysis Identify and prioritize compliance gaps.
Export & Reports Generate audit-ready compliance reports.