PolicyDrift

PolicyDrift is a web app (with optional Slack/Teams integration) that continuously detects when IT reality diverges from written governance. It ingests your policies/standards (PDF, Confluence, SharePoint), maps them to common control frameworks (ISO 27001, SOC 2, NIST), then monitors evidence signals from key systems (Okta/Azure AD, Jira, GitHub, AWS, M365). The app flags “control drift” like admin accounts without MFA, overdue access reviews, missing change approvals, or unowned critical assets, and generates an evidence-ready trail with timestamps and sources. It’s an AI + traditional app: AI helps parse messy policy language and suggest control-to-signal mappings, but the core value is deterministic checks and audit-grade logging. The product is not a full GRC suite; it’s a focused drift detector that reduces audit fire drills and embarrassing surprises.