ControlMap

ControlMap is a web app (with optional desktop agent) that automates compliance evidence collection and control-to-regulation mapping for financial services teams. It connects to common systems (cloud logs, ticketing, IAM, HR, vendor management) and continuously pulls artifacts like access reviews, change approvals, incident reports, and policy attestations. An AI layer classifies evidence, links it to specific controls, flags gaps, and generates auditor-ready narratives and traceability matrices. The product focuses on the unglamorous middle: keeping evidence current, consistent, and searchable across frameworks (SOC 2, ISO 27001, PCI DSS, FFIEC, GDPR) without turning the team into spreadsheet janitors. It includes workflow for control owners, approvals, and time-stamped audit trails. Realistically, it won’t replace GRC suites at large banks, but it can win mid-market fintechs and regulated SaaS that need “good enough” compliance operations without a six-figure platform.
