Product basics
What does GRC stand for in our platform?
Governance, Risk, and Compliance
Name a common off the shelf compliance framework integrated with our platform.
ISO 27001, SOC 2, GDPR, etc.
What does the term “MVP” stand for?
Minimum Viable Product
What AWS service do we use to manage our application’s database?
Amazon RDS.
Who is the primary user persona of our platform?
Compliance officers, Risk managers, etc.
Which compliance framework is specifically focused on data privacy in the European Union?
GDPR.
Which two stages define our feature development workflow?
Discovery and Delivery.
Which backend tool do we use to generate real-time GraphQL APIs?
Hasura.
What is the purpose of our "Risk Register"?
To document and manage identified risks.
What does "evidence collection" mean in the context of audits?
Gathering proof that controls are implemented and working effectively.
What does "dogfooding" mean in product management?
Using your own product to identify issues and improve usability.
Which event orchestrator ensures stateful and reliable execution of workflows in our system?
Temporal
Name our main AI features
Ai review, risk treatment details drafts, vendor questionnaire review, client questionnaires response drafting.
What’s the difference between inherent risk and residual risk?
Inherent risk is before controls; residual risk is after controls are applied.
How do we call the document that drives our Discovery process?
Research document.
Our end-to-end tests help ensure platform reliability: what happens when they detect a failure?
They trigger Slack notifications for immediate response.
How are our risk scores calculated?
Multiplying impact x likelihood.
Name one feature enabled by our integrations that enhances compliance audits.
Automated evidence collection.
What was the name of our last completed releases, before we started our fluid flow?
India.
Why did we migrate from Azure to AWS?
To reduce downtime and improve reliability with features better suited to our needs.