claudedwithlove
explore/engseclabs-graphgrc

graphgrc

Cherished

GraphGRC generates security program documentation by mapping compliance frameworks (SOC 2, GDPR, ISO 27001) to a practical 24-control architecture designed for AWS SaaS organizations. It parses framework requirements into structured Markdown with bidirectional control mappings, producing navigable documentation that connects compliance obligations to implementation guidance.

Submitted April 19, 2026
Clauded With Love Rating
7.5 / 10


Code Quality: 6.5
Usefulness: 8.5
Claude Usage: 7.0
Documentation: 8.0
Originality: 7.5
Highlights
  • Bidirectional mapping system between custom controls and multiple compliance frameworks (SOC 2, GDPR, ISO 27001)
  • Two-mode architecture supporting both minimal custom controls (24) and comprehensive SCF framework (578 controls)
  • Complete published documentation site with practical implementation guidance tailored to AWS SaaS environments
To Improve
  • Add comprehensive test coverage for parsing logic and mapping generation to ensure data integrity
  • Implement validation for control mappings and framework data consistency to prevent broken links and missing references