Waivern logo

The Waivern Compliance Framework

A comprehensive, intelligent approach to privacy, AI, and cybersecurity compliance that integrates seamlessly into your development workflow.

Automated asset discovery

Our framework automates asset discovery, evidence gathering, assessment and documentation generation, reducing manual work and ensuring an accurate, auditable risk picture in real time across your organisation.

Risk identification and assessment

Comprehensive risk assessment tools help identify, evaluate, and propose mitigations to compliance risks before they become issues.

Automate documentation drafting

Generate review-ready documentation and reports automatically, accelerating compliance sign-off and ensuring you're always prepared for regulatory reviews.

Built-in legal and regulatory expertise

Our rulesets encode the knowledge of privacy lawyers and compliance specialists - so every analysis, classification and export is grounded in professional-grade regulatory understanding. Outputs are structured for direct use by compliance teams, auditors and DPOs.

Robust compliance starts from two sources of truth: what your systems actually do and what your organisation says it does. We scan both - then cross-reference them to surface the gaps that matter.

Your technical stack
  • Application code, behaviours, and data flows
  • Integration with third-party APIs, systems, and vendors
  • Infrastructure and deployment configurations
  • Security measures in place
  • Data samples available in machine and human interfaces
Your organisational context
  • Existing privacy policies, cookie policies, and DPAs
  • Internal governance documents and data protection procedures
  • Vendor agreements and sub-processor registers
  • Organisational structure and data ownership
  • Business objectives, risk appetite, and growth plans

The real compliance insights come from where these two pictures diverge - where what you are doing differs from what your policies describe. That is where risk lives, and that is where we start.

Try it yourself

Open-source and free to get started. Run your first compliance analysis in minutes - or chat with us to learn how it can streamline your compliance processes.

# Clone the repo and install dependencies
uv sync

# Run your first compliance analysis
uv run wct run iso27001_analysis.yaml
Talk to usGitHub