7+ regulations

Regulatory Compliance Map

European and Polish regulations built into the product architecture from day zero. Ready-made operational packs with controls and deadlines.

GDPR end-to-end

Art. 12-22, 30, 32, 33-34

  • DSAR workflow with full evidence trail (Art. 15, 20)
  • Record of Processing Activities — ROPA (Art. 30)
  • Per-tenant retention with dry-run retention job and legal hold
  • 72h breach notification (Art. 33) as an incident workflow
  • ePrivacy/PKE consent registry with communication separation

NIS2/KSC and DORA

Art. 21/23 NIS2 + DORA financial sector

  • Reporting modes: 24h / 72h / 1 month per NIS2
  • Ready-made control packs with owners and required evidence
  • Conditional DORA obligations for financial-sector clients
  • KSC Act (Polish NIS2 equivalent) from day zero
  • Incident exercises with complete contractual report packs

EU AI Act + AIMS

Implementation deadline: August 2, 2026

  • AI competency evidence per role
  • Art. 50 transparency built into the UI
  • High-risk use-case classification with mandatory human oversight
  • AI Act pre-deployment checklist — full document set
  • AIMS as a native platform module

EU Data Act

Exit by design

  • Customer data export and migration procedures
  • Exit SLA and interoperability tests
  • Clean exit without lock-in while preserving data integrity

DPA, Sub-processors, SCC/DPF

Transfer registries and monitoring

  • Sub-processor registry with transfer documents
  • Standard DPA/SCC C2P and DPF status monitoring
  • Automatic notification on vendor changes

SOC 2 / ISO 27001 readiness

Control mapping and evidence collection

  • SOC 2/ISO control mapping to Pulsar processes
  • Effectiveness monitoring and quarterly gap report with CAPA
  • Audit-ready evidence material for certification auditors

Polish national law

KSC + Whistleblower Protection Act

  • KSC Act — Polish NIS2 equivalent
  • Whistleblower Protection Act (PL)
  • Regulatory packs available immediately

Compliance traceability matrix as the platform core

Formal traceability matrix: requirement to control to evidence to owner to review date for every regulation. 100% of compliance catalog entries have assigned operational and technical controls. Production deployment blocked on unclosed critical gaps.

  • Quarterly regulatory change monitoring with automatic change backlog
  • Cross-product evidence sharing without data duplication
  • Deterministic state machines as a compliance guarantee

How it works

1

Import requirements

Select a regulatory pack or import your own requirements from a file.

2

Map controls

Assign controls with owners, frequency, and required evidence.

3

Monitor compliance

The coverage dashboard shows gaps, expired evidence, and scheduled reviews.

mission.launch

Start trial and evaluate the process on your own operational data

Start Trial See how it works

What happens after you click?

  • You get a 14-day trial with full Professional process scope
  • You map your own requirements and immediately see impact on risks, audits, and CAPA
  • You choose a plan based on real team execution, not assumptions

Need an operational consultation? Email us: kontakt@pulsar-grc.pl