> ## Documentation Index
> Fetch the complete documentation index at: https://docs.encoreos.io/llms.txt
> Use this file to discover all available pages before exploring further.

# IT Compliance

> IT compliance dashboard showing compliance rates by framework (HIPAA IT, SOC 2, ISO 27001), upcoming assessments, and requirement management links.

The IT Compliance page (`/it/security/compliance`) is a dashboard for tracking IT regulatory and framework compliance. It shows compliance rates for HIPAA IT, SOC 2, ISO 27001, and Other frameworks, with detailed breakdowns and upcoming assessment scheduling.

## Overview

The page uses `useComplianceByFramework` to compute per-framework stats (total, compliant, non-compliant, in-progress, not-assessed counts and compliance rate) and `useUpcomingAssessments(30)` for the next 30-day assessment schedule. Framework overview cards show compliance percentages with progress bars. A detailed tab view breaks down each framework; a table lists upcoming assessments with days-until-due highlighting (red if ≤ 7 days). Links navigate to `/it/security/compliance/requirements` for the full requirement list.

## Who it's for

No explicit secondary permission gate beyond the outer `ITViewGuard` (`it.view`).

## Before you start

* Compliance requirements must be entered and assessed before meaningful data appears on this dashboard.

## Steps

<Steps>
  <Step title="Open IT Compliance">
    Navigate to `/it/security/compliance`.
  </Step>

  <Step title="Review framework summary cards">
    Four cards show the compliance percentage and compliant/total counts for HIPAA IT, SOC 2, ISO 27001, and Other.
  </Step>

  <Step title="Explore per-framework breakdown">
    Click a tab in the Compliance by Framework card to see compliant, non-compliant, in-progress, and not-assessed counts for that framework.
  </Step>

  <Step title="Check upcoming assessments">
    The Upcoming Assessments table lists requirements due within the next 30 days. Rows due in 7 days or fewer appear in red.
  </Step>

  <Step title="Manage requirements">
    Click **View All Requirements** to navigate to `/it/security/compliance/requirements`, or **Add Requirement** to create a new compliance requirement.
  </Step>
</Steps>

## Key concepts

| Concept               | Description                                                              |
| --------------------- | ------------------------------------------------------------------------ |
| `ComplianceFramework` | Supported values: `hipaa_it`, `soc2`, `iso27001`, `other`                |
| Compliance rate       | `compliant / total * 100` for a given framework                          |
| Upcoming assessments  | Requirements with `next_assessment_date` within the specified day window |

## Related

<Columns cols={2}>
  <Card title="IT Service Management" icon="headset" href="/it/overview">
    IT Service Management overview.
  </Card>

  <Card title="Governance & parity" icon="scale-balanced" href="/governance/index" />
</Columns>

<Note>
  This page documents shipped product behavior. It is not medical, legal, or
  billing advice. Verify against your organization's policies and applicable
  regulations before using it for clinical, compliance, or billing decisions.
  Protected health information (PHI) shown in the product is governed by your
  tenant's access controls and is never exposed in this documentation.
</Note>

<Accordion title="Documentation sources">
  * src/routes/it.tsx
  * src/cores/it/pages/security/compliance/ComplianceDashboardPage.tsx
  * src/cores/it/hooks/useComplianceRequirements.ts
</Accordion>
