Skip to content

Organizational-level Solution Architecture

Compliance

Organizational-level Solution Architecture

Home
Reference Architecture
Reference Architecture
- Foundation
  Foundation
  - Overview
    
    Overview
    
    Docs & Arch Compliance
  - Governance
    
    Governance
    
    Delivery Methodology
    
    Code of Conduct
    
    Security
    
    Compliance Compliance
    Table of contents
    
    📜 Applicable Regulations & Standards
    
    GDPR (General Data Protection Regulation)
    
    ISO 27001
    
    SOC 2
    
    🔍 Compliance Scope
    
    📌 Responsibility
    
    Contributing
    
    License
- Practices
  Practices
  - Guides
    
    Guides
  - Getting Started
    Getting Started
    
    OS Package Managers
  - Software Development
    
    Software Development
    
    Configuration
    
    Docker & Semantic Versioning
    
    VSCode
    
    Another Tool
- Reference
  Reference
  - Technical Reference
    
    Technical Reference
    
    Nomenclature Conventions
    
    Project Structure Reference
- Operations
  Operations
  - Logging
Technical Guidelines
Technical Guidelines
- Foundation
  Foundation
  - Architecture & Governance
    Architecture & Governance
    
    Base Architecture
    
    Development Model
    
    Change Control & Versioning
  - Technology Stack
    Technology Stack
    
    Approved Technology Stack
  - Software Development
    Software Development
    
    Backend Guidelines
    Backend Guidelines
    
    API Guidelines
    
    Frontend Guidelines
    Frontend Guidelines
    
    Design Prototyping (Figma)
    
    Accessibility Standards
    
    Frontend Architecture
    
    Frontend Best Practices
    
    Design Alignment
    
    Downloadable templates
    Downloadable templates
    
    Standard documentation
    
    Standard documentation
    
    Project docs
  - Folder Structure by Technology Stack
    
    Folder Structure by Technology Stack
    
    Backend
    Backend
    
    Azure Functions (.NET)
    
    Azure Functions (Python)
    
    ASP.NET Core API
    
    ASP.NET Core App
    
    Django Backend
    
    FastAPI Backend
    
    Frontend
    Frontend
    
    Angular
    
    React
    
    Vue
    
    Gateway
    Gateway
    
    Ocelot (.NET)
    
    NGINX
  - Operations
    Operations
    
    CI/CD & Operations
    CI/CD & Operations
    
    CI/CD Best Practices
Platforms
Platforms
- Internal Platforms
  Internal Platforms
  - Analitica
    
    Analitica
  - Colabora
    
    Colabora
  - Media Assets
    
    Media Assets
    
    Usage
    
    Usage
    
    Available Assets
    
    Folder Structure
    
    Examples
    Examples
    
    HTML usage
    
    Email usage
- External Tools
  External Tools
  - n8n
    n8n
    
    Reference Architecture
    
    Reference Architecture
    
    Folder Structure
    
    Dependencies
    
    Workflows
    
    Workflows
    
    Workflow func-parameter-validation

Compliance Overview¶

This document provides a high-level overview of the regulatory and compliance frameworks applicable to this project.

Detailed implementation evidence is maintained in security, architecture, and operational documents.

📜 Applicable Regulations & Standards¶

Personal data must be processed lawfully and transparently
Data minimization and purpose limitation apply
Access to personal data must be controlled and auditable
Data retention policies must be defined

ISO 27001¶

Information security risks must be identified and managed
Access control and least privilege principles apply
Security incidents must be logged and reviewed

SOC 2¶

Controls align with Trust Service Criteria:
Security
Availability
Confidentiality
Operational procedures must be documented and repeatable

🔍 Compliance Scope¶

This project considers compliance across: - Application code - Infrastructure and cloud services - CI/CD pipelines - Operational procedures

📌 Responsibility¶

Compliance ownership is shared between: - Product - Engineering - Security - Platform / Architecture