Does AssurAI cover DORA (EU Digital Operational Resilience Act)?
Yes — DORA became enforceable January 2025. AssurAI includes a DORA obligation register, ICT risk framework templates, incident classification tools, and cross-maps DORA requirements against your existing ISO 27001 and NIST controls to identify gaps efficiently.
How does the GDPR suite handle cross-border data transfers?
The RoPA builder includes transfer mechanism fields (SCCs, adequacy decisions, BCRs). The AI flags data flows to third countries and prompts for appropriate transfer documentation. DPA drafting includes standard contractual clause templates updated for the 2021 SCCs.
Can AssurAI handle multi-jurisdiction compliance (e.g., GDPR + CCPA + PIPEDA)?
Yes. The Cross Assurance Engine maps overlapping obligations across jurisdictions. Most core privacy controls (data minimisation, retention, subject rights) satisfy all three regulations — the AI identifies where requirements diverge and what additional controls are needed for each jurisdiction.
Is there a regulatory change monitoring feature?
The obligation register includes a regulatory change flag — when a regulation is updated, affected obligations are highlighted for review. We update our framework library on a rolling basis as regulations evolve.