Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.encoreos.io/llms.txt

Use this file to discover all available pages before exploring further.

This page provides a form to create a new IT compliance requirement record. Navigate to it at /it/security/compliance/requirements/new.

Overview

The New Requirement page is a single-step form for adding a compliance requirement to the IT Compliance module. The requirement is created with an initial compliance_status of not_assessed. On success the user is redirected to the compliance requirements list at /it/security/compliance/requirements.

Who it’s for

This route is protected by IT_PERMISSIONS.VIEW (it.view) via the module-level ITViewGuard. No additional per-route permission gate exists beyond the module guard.

Before you start

  • Identify the compliance framework (HIPAA IT, SOC 2, ISO 27001, or Other).
  • Determine the requirement category.
  • Have the next scheduled assessment date available if applicable.

Steps

  1. Navigate to IT > Security > Compliance and select the requirements list, then click Add Requirement, or go directly to /it/security/compliance/requirements/new.
  2. Enter the Requirement Name (required).
  3. Select a Framework: HIPAA IT, SOC 2, ISO 27001, or Other.
  4. Select a Category: Access Control, Data Protection, Incident Response, or Other.
  5. Optionally set a Next Assessment Date.
  6. Enter a Description explaining the requirement and how compliance is measured.
  7. Click Create Requirement. On success you are redirected to the requirements list.

Key concepts

  • Compliance framework — the regulatory or standards framework this requirement belongs to (ComplianceFramework type).
  • Compliance category — the security domain grouping (ComplianceCategory type).
  • compliance_status — new requirements start as not_assessed; status updates occur via the requirement detail or edit page.

IT Service Management

IT Service Management overview.

Governance & parity

This page documents shipped product behavior. It is not medical, legal, or billing advice. Verify against your organization’s policies and applicable regulations before using it for clinical, compliance, or billing decisions. Protected health information (PHI) shown in the product is governed by your tenant’s access controls and is never exposed in this documentation.
  • src/routes/it.tsx
  • src/cores/it/pages/security/compliance/NewComplianceRequirementPage.tsx
  • src/cores/it/hooks/useComplianceRequirementMutations.ts
  • src/cores/it/types/security.ts