Open-source compliance toolkit for privacy, AI governance, and anti-spam regulations across Canadian, US, and EU jurisdictions.
| Repository | Description | License |
|---|---|---|
compliance-catalog |
OSCAL JSON/YAML control definitions by jurisdiction — the data layer powering assessments and enforcement | |
compliance-assess |
Static + runtime assessor; scans codebases for compliance gaps; emits OSCAL Assessment Results, SARIF, and Markdown | |
compliance-enforce |
Runtime sidecar — PII scrubbing, DSR intake, consent ledger, retention scheduling, structured audit emission, bias-math APIs | |
compliance-browser |
Self-hostable web app — browse the control catalog, compose jurisdiction profiles, view assessment results |
This is software that identifies potential compliance gaps in code and provides runtime technical controls. It does not constitute legal advice, guarantee regulatory compliance, or replace qualified legal counsel, organizational privacy policies, or incident response procedures.
See individual repositories for full disclaimers.
The toolkit is in active development (Phase 0 — foundations). Browse progress and the full roadmap in the compliance-toolkit meta-repository.
| Topic | Contact |
|---|---|
| Security vulnerabilities | security@arkoinc.ca — do not open a public issue |
| Code of Conduct | conduct@arkoinc.ca |
| Trademark | trademark@arkoinc.ca |