{% extends "base.html" %}
{% block title %}Unified Compliance Posture - ICDEV™ Dashboard{% endblock %}
{% block content %}

Unified Compliance Posture

Aggregated posture across Security Design Canvas (SDC), Network Design Canvas (NDC), Pipeline Design Canvas (PDC), AI-ify, and the Agentic AI Design Canvas — with NIST 800-53 Rev 5 control family heatmap.

--
Controls Implemented
--
Open POAMs
--
CAT I Findings
--
ATO Status

Design Canvas Posture

Real-time compliance posture from each design canvas module.

Security Design Canvas
-- designs
--
Posture Grade
--
Risk Score
--
Open Threats
--
Controls Impl.
NIST 800-53 Coverage --%
Open SDC →
Network Design Canvas
-- topologies
--%
Remediation Rate
--
CAT I Open
--
CAT II Open
--
CAT III Open
Findings Remediated -- total
Open NDC →
Pipeline Design Canvas
-- pipelines
--
SLSA Level
--%
SSDF
--%
OWASP
--
Open Findings
SLSA L0 L1 L2 L3 L4
Open PDC →
AI-ify (AI Governance)
-- scans
--
Posture Grade
--
Overall Score
--
Opportunities
Weakest Control --
Open AI-ify Posture →
Agentic AI Design Canvas
-- designs
--
Posture Grade
--
NIST AI RMF
--
OWASP LLM
--
OMB Compliant
Avg Assessment Score --
Open Agentic AI →

NIST 800-53 Rev 5 Control Family Heatmap

Aggregated implementation coverage per control family across SDC and project controls.
Legend: ≥80%, 50–79%, 20–49%, <20%, No data

Loading heatmap…

Framework Coverage

Framework | Controls | Implemented | Coverage | Status
Loading...

Continuous Compliance Evidence Chain

Chronological audit trail aggregating PDC, NDC, and SDC events mapped to NIST 800-53 OSCAL controls (7-day window).

--
Total Events
--
PDC Events
--
NDC Events
--
SDC Events
--
Controls Covered
--
Gate Status
Recent Evidence Events
Loading evidence chain…

Compliance Modules

OSCAL

Machine-readable compliance artifacts — SSP, SAP, SAR, POA&M

Continuous ATO

Real-time authorization monitoring and evidence collection

Compliance Debt

Track and burn down POAM, control, and STIG debt

ATO Package Builder

Assemble authorization packages for FedRAMP / DoD

Secure by Design

Architecture-level security compliance assessment

Control Inheritance

Map inherited controls from cloud providers and shared services

MOSA

Modular Open Systems Approach compliance assessment

STIG Manager

Import, track, and assess DISA STIG benchmark findings

Production Audit

Audit trail analysis and evidence review

AI Transparency

AI model cards, decision logs, and explainability

AI Accountability

AI governance, bias tracking, and accountability framework

{% set iqe_canvas = "compliance" %}
{% set iqe_api_route = "/api/compliance/iqe-query" %}
{% set iqe_title = "Query Compliance Data" %}
{% set iqe_examples = [
  {"label": "Open violations", "query": "foreach v in compliance.violations where v.status == \"open\" select v.weakness_description, v.severity, v.control_id, v.responsible_party"},
  {"label": "Controls not implemented", "query": "foreach c in compliance.controls where c.implementation_status == \"not-implemented\" select c.control_id, c.family, c.title, c.impact_level"},
  {"label": "Low compliance snapshots", "query": "foreach s in compliance.snapshots where s.compliance_score_end < 70 select s.project_id, s.pi_number, s.compliance_score_end, s.poam_items_opened"},
  {"label": "All violations", "query": "foreach v in compliance.violations select v.weakness_description, v.severity, v.status, v.milestone_date"}
] %}
{% include "includes/iqe_query_widget.html" %}
{% endblock %}