Open-source database of vendor compliance information (SOC 2/ISO 27001)
github.com

Most compliance companies are spending hours hunting down the same information: SOC 2 and ISO 27001 certificates, subprocessor lists, BAAs, terms of service, and so on.
To make that process easier, I’ve started putting together a maintained, open-source database of vendor compliance details. Right now, the database includes:

- Links to vendor compliance certifications (SOC 2, ISO 27001, HIPAA, etc.)
- Legal entity names and headquarters addresses
- Subprocessor list URLs (which are often buried)
- BAA availability indicators
- Security/trust center pages

This is an early version, lots of vendors are still missing, but I’m planning to keep expanding and improving it.
If you find it useful or have ideas on what would make it better, I’d love your feedback.