Research

Control Graph Modeling

Active

Modeling relationships between SCF controls, assessment objectives, and cross-framework mappings as a navigable graph structure.

SCF 2026.1.1 normalization across 79+ frameworks.
Hierarchical domain → control → objective → evidence relationships.
Cross-framework traceability — one evidence base, many framework views.
Graph-based gap propagation: a gap on one control surfaces across every framework it maps to.

Active

Developing reliable confidence metrics for LLM-based evidence assessment against compliance controls.

Per-objective confidence as a 0.0–1.0 score, bucketed into low / medium / high for display.
Low model temperatures (0.1–0.2) to keep assessments consistent across runs.
Open question: how well does model-reported confidence track human-auditor agreement?

Planned

Measuring and improving the accuracy of automated control mappings between regulatory frameworks.

Planned

Moving from point-in-time assessment to continuous compliance posture tracking.

Active

Modeling relationships between SCF controls, assessment objectives, and cross-framework mappings as a navigable graph structure.

SCF 2026.1.1 normalization across 79+ frameworks.
Hierarchical domain → control → objective → evidence relationships.
Cross-framework traceability — one evidence base, many framework views.
Graph-based gap propagation: a gap on one control surfaces across every framework it maps to.

Active

Developing reliable confidence metrics for LLM-based evidence assessment against compliance controls.

Per-objective confidence as a 0.0–1.0 score, bucketed into low / medium / high for display.
Low model temperatures (0.1–0.2) to keep assessments consistent across runs.
Open question: how well does model-reported confidence track human-auditor agreement?

Planned

Measuring and improving the accuracy of automated control mappings between regulatory frameworks.

Planned

Moving from point-in-time assessment to continuous compliance posture tracking.