Compliance Scorecard

A comprehensive SaaS platform for compliance and risk management, designed for Managed Service Providers (MSPs), Managed Security Service Providers (MSSPs), and virtual/fractional Chief Information Security Officers (vCISOs).

Laravel 9.x React 18 Material-UI Redux Toolkit Auth0 MySQL AWS S3 Docker
Choose Your Path Browse Docs View on GitHub

Choose Your Journey

Different roles need different information. Pick your path for a guided experience.

Dev Team Start Here

Ready to implement? Get the complete development pathway from setup to production deployment.

6 Steps 8-15 Days Production Ready

Leadership Start Here

Strategic overview, business case, and implementation planning for decision makers and executives.

6 Steps 1-2 Hours ROI Analysis
View All Guided Pathways

Platform Overview

Compliance Scorecard empowers small and medium-sized businesses to effectively understand and manage their compliance posture through comprehensive monitoring, risk assessment tools, policy management, and detailed dashboards.

Multi-Tenant Architecture

Hierarchical structure supporting MSPs with multiple clients and users, with role-based access control and permissions.

Policy Management

Complete policy lifecycle management with approval workflows, version control, and automated policy adoption campaigns.

Assessment & Scoring

Customizable assessment templates, automated scoring systems, and comprehensive compliance reporting.

System Architecture

Backend (polygon-be)
Laravel 9.x PHP Framework
  • RESTful API with v3/v4 versioning
  • Auth0 integration with Laravel Sanctum
  • MySQL database with extensive migrations
  • Queue system for background processing
  • Stripe payment integration
  • AWS S3 file storage
  • Sentry error tracking
Frontend (polygon-fe)
React 18 Single Page Application
  • Material-UI component library
  • Redux Toolkit for state management
  • Auth0 React integration
  • Responsive dashboard design
  • Rich text editing with TinyMCE
  • Chart.js data visualization
  • DataTables for complex data display
Integrations & External Services
Security & Compliance Tools
  • • Huntress • Auvik • CyberCNS
  • • Breach Secure Now • PHIN Security
  • • Lionguard • Cyberhoot
RMM & Asset Management
  • • ConnectWise • N-Central • Ninja
  • • Nodeware • Hudu • MS Graph
  • • SharePoint • Google Drive

Core Features

Policy Lifecycle

Complete policy management with approval workflows and version control

Assessment Engine

Customizable templates with automated scoring and reporting

Risk Management

Risk register, POAM tracking, and mitigation workflows

Asset Governance

Complete asset management with multiple platform integrations

Task Management

Project templates, milestone tracking, and workflow automation

Knowledge Base

Centralized documentation with sharing and collaboration features

Trust Center

Public-facing compliance documentation and transparency portal

Peer Groups

Community features for knowledge sharing and collaboration

Quick Links

Backend Documentation

Laravel API, models, services, and database schema
Frontend Documentation

React components, Redux store, and UI architecture
Setup Guide

Installation, configuration, and deployment instructions
API Reference

Complete API documentation with examples
Developer Guide

Best practices, coding standards, and troubleshooting
AI Automation Roadmap

Complete AI-first transformation plan and implementation guide
Accelerated Timeline

Sept-Dec 2025 deployment plan with 100h/week dev capacity
Schema-Based Evidence Collection

Real database implementation with AI automation using actual table structures
Cost-Effective AI Architecture

Hybrid AI approach reducing costs by 87% while maintaining accuracy
Ultra-Low-Cost AI ($1.5K/mo)

Budget-conscious AI strategy for current revenue scale with 90% automation
AI Implementation Code Guide

Complete PHP implementation with FREE rules engine and strategic AI integration
AI Deployment Guide

Step-by-step deployment instructions for production implementation
Connector Integration Examples

Real-world implementation examples for ConnectWise, Auvik, Microsoft Graph, and 20+ other integrations
M365 Existing Capabilities Audit

Analysis of your current M365 Graph API integration showing immediate compliance capabilities
Vulnerability Management Automation

Complete Nodeware, ConnectSecure, and Lionguard integrations for SOC 2 CC7.2 and ISO 27001 A.12.6.1 compliance automation