Compliance Tracking - Coming Soon
Overview
The Herd Security Compliance page is a centralized hub for managing organizational compliance programs. It enables security and compliance teams to create structured campaigns, assign training and policy requirements to users, track completion progress, and maintain audit-ready records — all from a single interface.
Creating a Compliance Campaign
The core action on the Compliance page is creating a Compliance Campaign. A campaign bundles together a compliance framework, associated trainings, policies, and assigned users into a single trackable program.
Campaign Details
When creating a campaign, users configure the following fields:
Compliance Framework
Select the regulatory or security framework that the campaign is aligned to. Available options include:
SOC 2
ISO 27001
NIST Cybersecurity Framework
Custom frameworks (e.g. GDPR, HIPAA, PCI DSS, SOX, FISMA)
Framework selection is optional — teams running internal initiatives can leave this field blank or specify a custom framework name.
Campaign Name
A required field. Provide a clear, descriptive name that identifies the campaign, such as "SOC 2 Annual Compliance 2026" or "HIPAA Readiness Q2."
Description
An optional free-text field to describe the purpose, scope, and context of the campaign. This helps users and stakeholders understand what the campaign covers and why it exists.
Campaign Duration
Set the start and end dates for the campaign. These dates define the active window during which users are expected to complete their assigned trainings and policies, and are used to determine overdue status.
Campaign Dashboard
Once a campaign is active, the Compliance page provides a live dashboard showing real-time progress across all assigned users and requirements.
Summary Metrics
The top of the dashboard displays four key metrics at a glance:
Metric
Description
Total Users
The number of users enrolled in the campaign.
Completed
The count of completed training or policy items across all users.
In Progress
Items that have been started but not yet finished.
Overdue
Items that have passed their due date without completion.
Overall Progress
A completion rate is calculated and displayed as both a ratio and percentage. For example, a campaign with 65 items completed out of 65 total shows a 100% completion rate. This gives a quick, high-level view of how the campaign is tracking.
Trainings and Tracks
The Trainings and Tracks section lists all training programs assigned as part of the campaign. Each entry shows:
Item name and type (e.g. TRACK)
Due date for completion
Progress — the number of individual training modules completed out of the total
User completion — how many users have fully completed all modules in the track
Overdue status
Actions — available actions such as editing or removing the item
Example: A "SOC 2 Type 2" track with a due date of April 1, 2026, showing 95/95 trainings completed and all 5 users fully done would display as fully complete with no overdue items.
Data in this section can be exported in CSV or JSON format for use in audits or external reporting.
Policies
The Policies section tracks acknowledgment of required organizational policies. Each policy entry displays:
Policy name (e.g. Employee Handbook, Acceptable Use Policy, Information Security Policy)
Due date for acknowledgment
Progress — the number of users who have acknowledged the policy out of the total assigned
Overdue status
Actions
The following policies are commonly included in compliance campaigns:
Policy Name
Typical Due Date
Tracks
Employee Handbook
Campaign end date
User acknowledgment
Acceptable Use Policy
Campaign end date
User acknowledgment
Change Management Policy
Campaign end date
User acknowledgment
Code of Conduct
Campaign end date
User acknowledgment
Data Classification Policy
Campaign end date
User acknowledgment
Data Management Policy
Campaign end date
User acknowledgment
Disaster Recovery Policy
Campaign end date
User acknowledgment
Information Security Policy
Campaign end date
User acknowledgment
Risk Management Policy
Campaign end date
User acknowledgment
Security Incident Response Policy
Campaign end date
User acknowledgment
Vendor Management Policy
Campaign end date
User acknowledgment
Workstation Security Policy
Campaign end date
User acknowledgment
Users and Groups
The Users and Groups section defines who is enrolled in the campaign. Teams can assign individual users or entire groups, making it easy to scope a campaign to a specific department, team, or the entire organization.
Progress metrics (completed, in progress, overdue) are calculated based on the users and groups assigned here.
Compliance Reminders
The Compliance Reminders feature enables automated, periodic notifications to keep users on track throughout the campaign. Reminders can be delivered via integrated channels including Slack and Microsoft Teams.
Key capabilities include:
Periodic refresher nudges tied to specific frameworks (SOC 2, HIPAA, GDPR, etc.)
Automated reminders as due dates approach or pass
Keeping the organization audit-ready by maintaining consistent engagement with compliance requirements
This feature reduces the risk of missed deadlines and ensures compliance stays top-of-mind without manual follow-up by the security team.
Summary
The Herd Security Compliance page brings together everything needed to run a structured, trackable compliance program:
Feature
Purpose
Campaign Creation
Define the framework, name, description, and date range for a compliance initiative.
Summary Metrics
Instant visibility into total users, completions, in-progress items, and overdue counts.
Trainings & Tracks
Assign and monitor structured training programs with per-user and per-module tracking.
Policies
Track acknowledgment of required organizational policies across all enrolled users.
Users & Groups
Scope campaigns to specific individuals or teams.
Compliance Reminders
Automate Slack/Teams notifications to keep users on track and certifications audit-ready.
CSV / JSON Export
Download campaign data for external reporting or audit evidence packages.
Together these features give security and compliance teams a single source of truth for tracking organizational compliance readiness across any framework.
Last updated