Dashboard
Your compliance command center. The dashboard gives you a real-time view of your organization's compliance posture across all active frameworks, recent activity, and pending actions.
Compliance Score Ring
The large circular gauge at the top of the dashboard is your Overall Compliance Score. It represents the weighted average compliance percentage across all active frameworks in your organization.
How the score is calculated
Each control in an active framework contributes to the framework's compliance score. Controls are binary at their core — either they have sufficient implemented evidence, or they don't — but the scoring model applies weighting based on:
- Control implementation status — Controls in
implementedstate with fresh evidence score fully (1.0). Controls inpartialstate score at 0.5. Controls markednot_implementedscore at 0. - Evidence freshness — Evidence older than its configured staleness threshold reduces the control's contribution. A control can have an
implementedstatus but stale evidence, which partially degrades its score contribution. - Control category weight — Certain control families (e.g., Access Control, Incident Response) carry higher weight in frameworks like SOC 2 and ISO 27001. The weighting follows the framework's official risk prioritization.
- Framework weight — Your overall score is a weighted average across frameworks. You can adjust framework weights in Dashboard → Settings → Scoring. By default, all active frameworks contribute equally.
Score floors and score ceilings
A score of 100% is only achievable when every control in every active framework is inimplemented status with fresh evidence. Controls marked not_applicable are excluded from the denominator — they don't help or hurt your score.Score color thresholds
| Score Range | Color | Interpretation |
|---|---|---|
| 90–100% | Audit-ready posture. Minimal evidence gaps. | Green |
| 75–89% | Good posture with some control gaps to close. | Blue |
| 50–74% | Material gaps. Prioritize remediation tickets. | Yellow |
| Below 50% | Significant compliance risk. Needs immediate attention. | Red |
Framework Score Table
Below the score ring, the framework table shows a per-framework breakdown. Each row shows:
- Framework name and version (e.g., "SOC 2 Type II", "ISO 27001:2022")
- Score percentage — the framework's individual compliance score
- Control counts — total controls, implemented, partial, not implemented
- Evidence gaps — number of controls missing fresh evidence
- Trend indicator — change from last 30 days (↑ improving, ↓ declining, → stable)
Click any framework row to drill into the full control list for that framework. Use the column headers to sort by score, gaps, or trend.
Focus on frameworks with open evidence gaps
Sort the table by Evidence Gaps descending to quickly identify which framework has the most outstanding work. Address evidence gaps before changing control status — evidence quality is what auditors inspect.Recent Activity Feed
The activity feed on the right side of the dashboard shows a chronological log of all compliance events in your organization. Events include:
- Evidence uploaded or auto-collected from integrations
- Control status changes (who changed it, from what, to what)
- Policy reviews completed or scheduled
- Findings and tickets created from scans
- Agent interactions logged in the audit trail
- Framework activations and deactivations
- Risk register updates
- Report generation events
Each activity entry is stored in the tamper-evident audit trail. The chain hash value next to each entry proves the event log hasn't been modified since the event was recorded.
Quick Actions
The Quick Actions panel provides one-click access to the most common compliance tasks. Actions adapt based on your current compliance posture — if you have stale evidence, the first action will be "Review stale evidence". If you have open critical findings, the action will surface those first.
| Quick Action | Description |
|---|---|
| Upload Evidence | Open the evidence upload dialog to attach files to a control |
| Run Scan | Trigger a dependency, secrets, or configuration security scan |
| Review Stale Evidence | Go to evidence sorted by staleness — oldest first |
| Assign Control Owner | Open bulk assignment for controls without owners |
| Generate Report | Jump to report generation with last-used settings |
| Register Agent | Open the agent registration form for a new AI agent |
Understanding Severity Levels
Findings, risks, and tickets in Claw GRC use a four-level severity scale. Understanding what each level means helps you prioritize remediation work correctly.
| Severity | Definition | SLA |
|---|---|---|
| Critical | Active exploitability, data breach risk, or complete control failure. Requires immediate remediation. | 24h |
| High | Significant control gap that poses material compliance risk or could enable a breach. | 7 days |
| Medium | Moderate control gap that should be addressed before the next audit cycle. | 30 days |
| Low | Minor issue or improvement opportunity. Address in the next planned maintenance window. | 90 days |
SLA breach alerts
When a ticket or finding approaches or exceeds its severity SLA without being resolved, Claw GRC automatically escalates via Slack notification to the assigned owner and their manager (if configured). SLA breach events are logged in the audit trail.Customizing Your View
The dashboard layout can be customized per-user. Changes are stored in your user profile and persist across sessions.
- Show/hide panels — Click the settings gear (⚙️) in the top-right of any panel to hide it or reorder it
- Date range — The activity feed and trend indicators default to the last 30 days. Use the date picker in the top-right to change the window (7 days, 30 days, 90 days, custom)
- Framework filter — If you manage many frameworks, use the framework filter to focus the score ring and table on a subset
- Compact mode — Toggle compact mode to see more data with less whitespace — useful on smaller displays