Composition / Dashboard

Full compliance dashboard

Composed mock of the Mufflermen compliance + governance + privacy console — top-of-app incident banner, the framework status dashboard, the sub-processor table, an aside with the active Stripe DPA viewer + encryption posture, a consent banner, the security posture score, and a recent compliance audit log. Visual reference only, no backend is wired.

Production answer

Full compliance dashboard is a reusable Oak Flats Muffler Men UI primitive with documented states, accessibility expectations, theme behavior, and implementation evidence.

Primary CTAReview Full compliance dashboard states
Generative search brief

Full compliance dashboard: Composed mock of the Mufflermen compliance + governance + privacy console — top-of-app incident banner, the framework status dashboard, the sub-processor table, an aside with the active Stripe DPA viewer + encryption posture, a consent banner, the security posture score, and a recent compliance audit log. Visual reference only, no backend is wired.

Compliance / Live

Mufflermen governance posture

Live status of the four frameworks the workshop reports against plus the regulated overlays (PCI for card data, HIPAA only if onboarded a US insurer).

  • Frameworks5
  • Compliant2/5
  • Lapsed0
  • Avg complete75%

ISO/IEC 27001

ISO 27001
Compliant
100%complete
Last audit 2026-02-14Next 2026-08-14

SOC 2 Type II

SOC 2
Compliant
96%complete
Last audit 2026-03-22Next 2026-09-22

GDPR

GDPR
In Progress
78%complete
Last audit 2025-11-04Next 2026-07-12

ASD Essential 8

E8
In Progress
84%complete
Last audit 2026-01-18Next 2026-07-18

IRAP (PROTECTED)

IRAP
Not Started
16%complete
Last audit Next 2026-12-01
Schedule 2 · 5 vendorsActive sub-processors
Active sub-processors
VendorLocationDPIALast reviewed
StripeCard payment processing
Sydney AUDPIA approved2026-03-14
XeroInvoicing + BAS lodgement
Sydney AUDPIA approved2026-02-08
TwilioSMS booking reminders
Virginia USDPIA approved2026-04-02
DatadogAPM + log aggregation
Frankfurt EUDPIA approved2026-01-30
MailchimpMarketing newsletter
Atlanta USDPIA pending2026-04-22
88
out of 100
Posture

Security posture

  • MFA enforced 100%
  • Endpoint EDR
  • Patch SLA <14d
  • DLP active
  • Privileged access review overdue
14-day trend
Consent management · Privacy Act 1988

Manage your data preferences

Essential cookies are always on. Everything else respects your choice. Distinct from the lighter marketing cookie banner — this is the deeper preference panel.

  • Essentialessential
    Auth session, CSRF tokens, booking cart state.
  • Functionalfunctional
    Remember saved vehicles, preferred bay location, theme.
  • Analyticsanalytics
    Aggregate usage data with no raw IPs retained.
  • Marketingmarketing
    Targeted ads on Meta + Google. Off by default in AU.
  • Sale of personal datasale-of-data
    We do not sell or rent data. Shown for CCPA / CPRA only.
Audit · last 24 hoursRecent compliance audit log
Recent compliance audit log
WhenActorActionTarget
10 min agoTom V · ComplianceMarked PCI control 3.4 as evidencedPCI DSS v4 · §3.4
42 min agoJess R · DPOClosed DSR requestDSR-2026-118 (erasure)
1 hr agoauto · ciRotated AES-256-GCM data keykms/booking-rest-key
3 hr agoMarcus P · EngUpdated sub-processor listSchedule 2 · Intercom removed
yesterdayPriya K · SecOpsLogged pentest finding as resolvedENG-2026-018 · MED-02