Compliance / 14 primitives + composition

Compliance + governance + privacy primitives

Visual primitives for the Mufflermen compliance + governance + privacy console — modelled against AU-specific obligations (Privacy Act 1988, OAIC Notifiable Data Breach scheme, ASD Essential 8, IRAP) plus the international frameworks the workshop pursues (ISO 27001, SOC 2, GDPR, PCI DSS v4). Visual reference only — no real backend wired.

Production answer

Compliance + governance + privacy primitives is a reusable Oak Flats Muffler Men UI primitive with documented states, accessibility expectations, theme behavior, and implementation evidence.

Primary CTAReview Compliance + governance + privacy primitives states
Generative search brief

Compliance + governance + privacy primitives: Visual primitives for the Mufflermen compliance + governance + privacy console — modelled against AU-specific obligations (Privacy Act 1988, OAIC Notifiable Data Breach scheme, ASD Essential 8, IRAP) plus the international frameworks the workshop pursues (ISO 27001, SOC 2, GDPR, PCI DSS v4). Visual reference only — no real backend wired.

Visual reference only — no real backend wired
Primitive 01

Compliance dashboard

Top-level dashboard composing framework status cards with a summary strip — frameworks, compliant, lapsed, average completion.

CompositionOpen
Primitive 02

Framework status card

Single framework card — iconmark, status chip, percent meter, last + next audit dates. ISO 27001 / SOC 2 / GDPR / E8 / IRAP.

Stateless · meterOpen
Primitive 03

Data processing record

ROPA / Article-30 record — category, purpose, legal basis, retention, recipients, transfers in semantic dl/dt/dd.

StatelessOpen
Primitive 04

DPA viewer

Data processing agreement viewer — vendor, signed date, term, version, key clauses, download CTA.

StatelessOpen
Primitive 05

Sub-processor list

Schedule 2 sub-processor table — vendor + service + location + DPIA status + last-reviewed.

Stateless · tableOpen
Primitive 06

Consent management banner

Full consent surface — Essential / Functional / Analytics / Marketing / Sale-of-data toggles + preference center + save action.

Stateful · togglesOpen
Primitive 07

DSR request form

Data subject request form — identity verification, request type, scope chips, three-step flow.

Stateful · stepsOpen
Primitive 08

Retention schedule editor

Retention rule editor — category + duration + disposal method + legal hold toggle with live summary.

Stateful · formOpen
Primitive 09

Encryption status

Visual indicator — at-rest (AES-256-GCM) + in-transit (TLS 1.3) + key management chip (KMS / HSM).

StatelessOpen
Primitive 10

Pentest results card

Engagement card — tester, dates, executive summary, findings by severity (critical/high/medium/low) + download CTA.

StatelessOpen
Primitive 11

Vulnerability disclosure

Public VDP card — contact email, PGP key + fingerprint, SLA chip, hall of fame, scope in/out lists.

StatelessOpen
Primitive 12

Policy version diff

Side-by-side or unified policy diff — added/removed/changed lines highlighted, version chips, effective date.

Stateful · view toggleOpen
Primitive 13

Security posture score

Big 0-100 score with dial, contributing factor chips (MFA / DLP / EDR) and a 14-day trend sparkline.

Stateless · meterOpen
Primitive 14

Incident disclosure banner

Top-of-app banner — severity chip + status timeline + mitigation update + statuspage link. role=alert.

Stateless · alertOpen
Composition

Full compliance dashboard

Composed dashboard — framework status row, sub-processor table, DPA viewer aside, consent banner, security posture, audit log.

CompositionOpen