ControlMapr

ControlMapr is a web app (with optional Slack/Teams bot) that automates the most painful part of GRC: turning messy operational artifacts into audit-ready evidence tied to specific controls. It connects to common systems (Jira, GitHub, AWS, Okta, Google Workspace, Microsoft 365) and continuously collects signals like access reviews, change approvals, security settings snapshots, and incident records. The app then maps each artifact to frameworks (SOC 2, ISO 27001, NIST 800-53) using an AI-assisted control library and produces an evidence trail with timestamps, owners, and exceptions. It flags gaps (missing approvals, stale reviews, misconfigured settings) and generates auditor-friendly exports and a “what changed since last quarter” report. It’s not a full GRC suite; it’s a focused evidence-mapping engine that plugs into existing tools and reduces spreadsheet-driven compliance work.