
Compliance Report

Compliance teams describe findings in narrative form that needs to be broken into regulation, scope, severity, evidence, and remediation timeline for tracking and reporting. This template structures compliance observations into actionable records that feed directly into your GRC platform.

See it in action

What users type

During our Q1 SOC 2 Type II prep, I found that the engineering team's AWS access keys haven't been rotated since November. This is a non-conformity against CC6.1 (logical access controls). Three service accounts still have root-level permissions that should have been scoped down after the January reorg. We need this fixed before the auditor arrives on April 25th. Filed by Tom Hensley.

What you get

- Reporter Name: Tom Hensley (99%)
- Regulation / Standard: SOC 2 Type II - CC6.1 (Logical Access Controls) (96%)
- Finding Type: Non-Conformity (99%)
- Finding Summary: AWS access keys not rotated since November; three service accounts retain root-level permissions that should have been scoped after January reorg (97%)
- Affected Department: Engineering (98%)
- Severity: High (93%)
- Remediation Deadline: 2026-04-25 (95%)

Extracted fields

| Field | Type | Required |
| --- | --- | --- |
| Reporter Name | text | Required |
| Regulation / Standard | text | Required |
| Finding Type | select | Required |
| Finding Summary | text | Required |
| Affected Department | text | Optional |
| Severity | select | Required |
| Remediation Deadline | date | Optional |

Use this template

Sign up and select “Compliance Report” from the template gallery. Customise any field before going live.
