Risk/Compliance Officer Guide

Welcome, Risk/Compliance Officer

This guide will help you leverage CalcBridge for regulatory monitoring, audit trail management, and compliance documentation.


Role Overview

As a Risk/Compliance Officer, you are responsible for:

  • Monitoring risk metrics and ensuring regulatory compliance
  • Investigating breaches and documenting remediation
  • Managing audit trails for regulatory examinations
  • Generating compliance documentation for SOC 2 and other frameworks

CalcBridge provides complete visibility into every calculation, change, and user action, supporting your compliance and audit requirements.

What CalcBridge Does for You

  • Provides immutable audit logs for every action
  • Sends real-time alerts for threshold breaches
  • Generates SOC 2-ready compliance documentation
  • Tracks historical compliance trends for pattern analysis

Daily Workflow

flowchart LR
    A[Review Alerts] --> B[Investigate Breaches]
    B --> C[Audit Changes]
    C --> D[Generate Documentation]
    D --> E[Update Policies]

    style A fill:#FEE2E2,stroke:#EF4444
    style B fill:#FEF3C7,stroke:#F59E0B
    style C fill:#DBEAFE,stroke:#3B82F6
    style D fill:#DCFCE7,stroke:#22C55E
    style E fill:#EDE9FE,stroke:#8B5CF6

Step 1: Review Alerts

Start your day by reviewing overnight alerts and notifications.

Alert Summary (Last 24 Hours)
=============================
Critical: 0
Warning: 2
Informational: 5

Warning Alerts:
- Single Obligor approaching limit: Acme Corp @ 4.75% (Limit: 5.0%)
- Healthcare concentration trending up: 14.5% (Limit: 15.0%)

Step 2: Investigate Breaches

For any compliance breaches or near-misses, conduct a thorough investigation:

  • Review the calculation details
  • Identify root cause
  • Document findings
  • Recommend remediation

Step 3: Audit Changes

Review recent system activity:

# Query audit logs
curl -X GET "https://api.calcbridge.io/api/v1/audit/logs?start_date=2024-01-01" \
  -H "Authorization: Bearer $TOKEN"

Step 4: Generate Documentation

Produce required compliance reports and documentation:

  • Compliance test results
  • User activity reports
  • System configuration changes
  • SOC 2 control evidence

Key Features

Threshold Alerts

Configure proactive monitoring for compliance thresholds.

Alert Severity   Trigger Condition     Response Time
--------------   -------------------   -------------
Critical         Threshold breached    Immediate
Warning          Within 10% of limit   4 hours
Watch            Within 20% of limit   24 hours
Info             Significant change    Weekly review

Audit Logging

CalcBridge logs every significant action:

{
  "timestamp": "2024-01-15T10:30:00Z",
  "event_type": "compliance.test.run",
  "user_id": "usr_abc123",
  "user_email": "analyst@example.com",
  "tenant_id": "tenant_xyz",
  "resource_type": "workbook",
  "resource_id": "wb_123",
  "action": "compliance_test_executed",
  "details": {
    "test_suite": "standard",
    "tests_run": 25,
    "tests_passed": 24,
    "tests_failed": 1
  },
  "ip_address": "192.168.1.100",
  "user_agent": "CalcBridge/1.0"
}

Compliance Reports

Generate audit-ready reports:

  • Compliance Summary: Pass/fail status for all tests
  • Breach History: Timeline of compliance events
  • User Activity: Who did what and when
  • Change Log: System configuration modifications

SOC 2 Documentation

SOC 2 Readiness

CalcBridge is designed with SOC 2 Type II compliance in mind, providing:

  • Complete audit trails
  • Access control documentation
  • Change management records
  • Incident response logs

Step-by-Step Tutorials

Configuring Threshold Alerts

Set up proactive monitoring for compliance thresholds.

Alert Configuration Types

Type                Description           Example
-----------------   -------------------   -----------------------
Static Threshold    Fixed value trigger   Alert if > 5%
Dynamic Threshold   Percentage of limit   Alert at 90% of max
Trend Alert         Pattern detection     3 consecutive increases
Composite Alert     Multiple conditions   A AND B both warning
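The severity table under Threshold Alerts and the rule types above are easy to get subtly wrong (the Warning band is measured against the hard limit, and a trend needs one more data point than the number of increases). The following is an added example, not CalcBridge code, that implements both tables against constructed metric histories; the metric names, limits and rule dictionaries are assumptions modelled on the guide's alert summary and tutorial rule.

```python
# Added example, not CalcBridge code: evaluate the guide's alert severity
# table and its Static / Dynamic / Trend rule types against metric histories.
# Metric names, limits and histories below are constructed sample values.

def severity(value: float, limit: float) -> str:
    """Severity from the guide's table, relative to the hard limit."""
    if value >= limit:
        return "Critical"          # threshold breached
    if value >= limit * 0.90:
        return "Warning"           # within 10% of limit
    if value >= limit * 0.80:
        return "Watch"             # within 20% of limit
    return "Info"                  # below the Watch band

def rule_fires(rule: dict, history: list, limit: float) -> bool:
    """Evaluate one rule against the latest value(s) of its metric."""
    current, kind = history[-1], rule["type"]
    if kind == "static":           # fixed value trigger, e.g. "Alert if > 4.0"
        return current > rule["threshold"]
    if kind == "dynamic":          # percentage of the limit, e.g. 90% of max
        return current >= limit * rule["percent_of_limit"] / 100.0
    if kind == "trend":            # N consecutive increases
        n = rule["consecutive"]
        if len(history) < n + 1:   # not enough history to judge a trend
            return False
        tail = history[-(n + 1):]
        return all(later > earlier for earlier, later in zip(tail, tail[1:]))
    raise ValueError(f"unknown rule type {kind!r}")

def evaluate(rules: list, metrics: dict, limits: dict) -> list:
    """Return (metric, rule type, severity) for every rule that fired."""
    fired = []
    for rule in rules:
        history, limit = metrics[rule["metric"]], limits[rule["metric"]]
        if rule_fires(rule, history, limit):
            fired.append((rule["metric"], rule["type"], severity(history[-1], limit)))
    return fired

# Constructed sample data mirroring the guide's alert summary
# (Acme Corp 4.75% vs 5.0% limit, healthcare 14.5% vs 15.0% limit).
LIMITS = {"single_obligor_concentration": 5.0, "healthcare_concentration": 15.0}
METRICS = {"single_obligor_concentration": [4.2, 4.6, 4.75],
           "healthcare_concentration": [13.5, 13.8, 14.1, 14.5]}
RULES = [
    {"metric": "single_obligor_concentration", "type": "static", "threshold": 4.0},
    {"metric": "healthcare_concentration", "type": "dynamic", "percent_of_limit": 90},
    {"metric": "healthcare_concentration", "type": "trend", "consecutive": 3},
]
```

With these inputs all three rules fire at Warning severity, which matches the two Warning alerts shown in the Step 1 summary.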

Tutorial

1. Navigate to Alert Configuration

Go to Settings > Compliance > Alert Rules

2. Create New Alert Rule

Alert Rule Configuration:
  name: "Single Obligor Warning"
  description: "Alert when any single obligor exceeds 4% (80% of 5% limit)"

  trigger:
    metric: "single_obligor_concentration"
    condition: "greater_than"
    threshold: 4.0
    threshold_type: "percentage"

  notification:
    channels:
      - email
      - slack
    recipients:
      - compliance@example.com
      - "#compliance-alerts"
    frequency: "immediate"

  escalation:
    enabled: true
    escalate_after: "4_hours"
    escalate_to:
      - head_of_compliance@example.com

3. Configure Notification Channels

Email channel:

{
  "channel": "email",
  "recipients": ["compliance@example.com"],
  "template": "compliance_alert",
  "include_details": true,
  "include_dashboard_link": true
}

Slack channel:

{
  "channel": "slack",
  "workspace": "your-company",
  "channel_name": "#compliance-alerts",
  "mention_users": ["@compliance-team"],
  "include_chart": true
}

Webhook channel:

{
  "channel": "webhook",
  "url": "https://your-system.com/webhooks/alerts",
  "method": "POST",
  "headers": {
    "Authorization": "Bearer $WEBHOOK_TOKEN"
  },
  "payload_format": "json"
}

4. Set Escalation Rules

Escalation Policy:
  - level: 1
    delay: 0
    notify: [compliance_team]
  - level: 2
    delay: 4_hours
    notify: [compliance_manager]
  - level: 3
    delay: 24_hours
    notify: [cco, ceo]

5. Test and Activate

  • Send test notification to verify configuration
  • Review in test mode for 24 hours
  • Activate for production monitoring

Reviewing the Audit Trail

Learn to navigate and analyze audit logs effectively.

Audit Log Structure

Audit Trail Query Interface
===========================

Filters:
  Date Range: [2024-01-01] to [2024-01-31]
  Event Types: [All] [Compliance] [User] [System]
  Users: [All] [Specific User]
  Severity: [All] [Critical] [Warning] [Info]

Results: 1,247 events found

Common Audit Queries

Query 1: Compliance Test History

curl -X GET "https://api.calcbridge.io/api/v1/audit/logs" \
  -H "Authorization: Bearer $TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "event_types": ["compliance.test.run", "compliance.test.failed"],
    "start_date": "2024-01-01",
    "end_date": "2024-01-31",
    "limit": 100
  }'

Query 2: User Login Activity

curl -X GET "https://api.calcbridge.io/api/v1/audit/logs" \
  -H "Authorization: Bearer $TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "event_types": ["auth.login", "auth.logout", "auth.failed"],
    "start_date": "2024-01-01",
    "limit": 500
  }'

Query 3: Data Modifications

curl -X GET "https://api.calcbridge.io/api/v1/audit/logs" \
  -H "Authorization: Bearer $TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "event_types": ["workbook.updated", "workbook.deleted", "data.modified"],
    "user_id": "usr_specific",
    "limit": 100
  }'

Audit Report Generation

# Generate compliance audit report
curl -X POST "https://api.calcbridge.io/api/v1/reports/audit" \
  -H "Authorization: Bearer $TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "report_type": "compliance_audit",
    "period": "monthly",
    "month": "2024-01",
    "format": "pdf",
    "include_sections": [
      "compliance_summary",
      "breach_history",
      "user_activity",
      "system_changes"
    ]
  }'

Generating SOC 2 Documentation

Create audit-ready documentation for SOC 2 compliance.

SOC 2 Control Mapping

CalcBridge supports evidence generation for these SOC 2 Trust Service Criteria:

Criteria   Category              CalcBridge Support
--------   -------------------   ------------------------------
CC1        Control Environment   User roles, permissions
CC2        Communication         Alert notifications, reports
CC3        Risk Assessment       Compliance testing, thresholds
CC5        Control Activities    Audit logs, access controls
CC6        Logical Access        JWT auth, API keys, RLS
CC7        System Operations     Health checks, monitoring
CC8        Change Management     Configuration audit trail

Evidence Generation

1. Access Control Evidence

# Generate user access report
curl -X POST "https://api.calcbridge.io/api/v1/reports/soc2/access-control" \
  -H "Authorization: Bearer $TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "period": "Q1-2024",
    "include": [
      "user_list",
      "role_assignments",
      "permission_matrix",
      "access_reviews",
      "terminated_users"
    ]
  }'

2. Change Management Evidence

# Generate change management report
curl -X POST "https://api.calcbridge.io/api/v1/reports/soc2/change-management" \
  -H "Authorization: Bearer $TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "period": "Q1-2024",
    "include": [
      "configuration_changes",
      "approval_workflow",
      "deployment_history",
      "rollback_incidents"
    ]
  }'

3. Monitoring Evidence

# Generate monitoring report
curl -X POST "https://api.calcbridge.io/api/v1/reports/soc2/monitoring" \
  -H "Authorization: Bearer $TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "period": "Q1-2024",
    "include": [
      "uptime_statistics",
      "incident_history",
      "alert_response_times",
      "capacity_metrics"
    ]
  }'

Documentation Package

Generate a complete SOC 2 documentation package:

SOC 2 Documentation Package:
  period: "2024-01-01 to 2024-03-31"

  documents:
    - name: "System Description"
      type: "narrative"

    - name: "Control Matrix"
      type: "spreadsheet"

    - name: "Access Control Report"
      type: "evidence"

    - name: "Change Management Log"
      type: "evidence"

    - name: "Incident Response Log"
      type: "evidence"

    - name: "User Activity Report"
      type: "evidence"

    - name: "Compliance Test Results"
      type: "evidence"

Tips and Best Practices

Alert Management

Alert Fatigue Prevention

Too many alerts lead to ignored alerts. Follow these guidelines:

  • Set meaningful thresholds (not too sensitive)
  • Use escalation for true emergencies only
  • Review and tune alerts monthly
  • Document why each alert exists

Audit Best Practices

  1. Retain logs appropriately: Follow your retention policy (typically 7 years for financial records)
  2. Regular reviews: Schedule weekly audit log reviews
  3. Anomaly detection: Look for unusual patterns in user behavior, such as bursts of failed logins or sensitive actions from unfamiliar locations
  4. Segregation of duties: Verify that access controls keep incompatible duties with different users
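The weekly review and anomaly-detection practices above are concrete enough to script against the audit log format shown under Audit Logging. The following is an added example, not CalcBridge code, that scans constructed audit events (same fields and event type names as the guide) for two patterns: a burst of auth.failed events for one user, and a sensitive action (api_key.generated, config.changed, workbook.deleted) performed from an IP address that user has never successfully logged in from. The burst size, window and sample records are assumptions.

```python
# Added example, not CalcBridge code: a weekly review helper that scans audit
# events in the guide's log format for two patterns that merit a closer look:
# bursts of failed logins for one user, and sensitive actions performed from
# an IP address the user has never successfully logged in from.
# The event records below are constructed samples.
from collections import defaultdict
from datetime import datetime, timedelta

SENSITIVE = {"api_key.generated", "config.changed", "workbook.deleted"}

def parse_ts(ts: str) -> datetime:
    """Audit timestamps are ISO 8601 with a trailing Z (UTC)."""
    return datetime.fromisoformat(ts.replace("Z", "+00:00"))

def review(events: list, max_failures: int = 3,
           window: timedelta = timedelta(minutes=10)) -> list:
    """Return findings as strings; events must be in timestamp order."""
    findings = []
    failures = defaultdict(list)   # user_id -> recent auth.failed timestamps
    known_ips = defaultdict(set)   # user_id -> IPs seen on successful login
    for ev in events:
        ts, user, ip, kind = (parse_ts(ev["timestamp"]), ev["user_id"],
                              ev["ip_address"], ev["event_type"])
        if kind == "auth.failed":
            recent = [t for t in failures[user] if ts - t <= window] + [ts]
            failures[user] = recent
            if len(recent) == max_failures:   # report once per burst
                findings.append(f"{user}: {max_failures} failed logins within "
                                f"{window} ending {ev['timestamp']}")
        elif kind == "auth.login":
            known_ips[user].add(ip)
        elif kind in SENSITIVE and ip not in known_ips[user]:
            findings.append(f"{user}: {kind} from unfamiliar address {ip} "
                            f"at {ev['timestamp']}")
    return findings

# Constructed sample audit trail (same fields as the guide's log record).
SAMPLE_EVENTS = [
    {"timestamp": "2024-01-15T08:00:00Z", "event_type": "auth.login", "user_id": "usr_abc123", "ip_address": "192.168.1.100"},
    {"timestamp": "2024-01-15T08:05:00Z", "event_type": "config.changed", "user_id": "usr_abc123", "ip_address": "192.168.1.100"},
    {"timestamp": "2024-01-15T09:00:00Z", "event_type": "auth.failed", "user_id": "usr_def456", "ip_address": "203.0.113.7"},
    {"timestamp": "2024-01-15T09:01:00Z", "event_type": "auth.failed", "user_id": "usr_def456", "ip_address": "203.0.113.7"},
    {"timestamp": "2024-01-15T09:02:00Z", "event_type": "auth.failed", "user_id": "usr_def456", "ip_address": "203.0.113.7"},
    {"timestamp": "2024-01-15T10:30:00Z", "event_type": "api_key.generated", "user_id": "usr_abc123", "ip_address": "198.51.100.9"},
]
```

Running review(SAMPLE_EVENTS) yields two findings: the failed-login burst for usr_def456 and the API key generated by usr_abc123 from an address with no prior login; the config change from the user's known address is not flagged.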

Investigation Workflow

flowchart TB
    A[Alert Received] --> B{Breach Confirmed?}
    B -->|Yes| C[Document Breach]
    B -->|No| D[Close as False Positive]
    C --> E[Root Cause Analysis]
    E --> F[Remediation Plan]
    F --> G[Implement Fix]
    G --> H[Verify Resolution]
    H --> I[Document Closure]
    D --> J[Update Alert Rules]

    style A fill:#FEE2E2,stroke:#EF4444
    style C fill:#FEF3C7,stroke:#F59E0B
    style G fill:#DCFCE7,stroke:#22C55E
    style I fill:#DBEAFE,stroke:#3B82F6

Regulatory Examination Preparation

Preparation Step          Timeline
-----------------------   --------------
Gather documentation      2 weeks before
Review audit logs         1 week before
Prepare summary reports   1 week before
Brief key personnel       3 days before
Final review              1 day before

Quick Reference

Event Types

Event Category   Event Types
--------------   -----------------------------------------------------------
Authentication   auth.login, auth.logout, auth.failed, auth.mfa
Compliance       compliance.test.run, compliance.breach, compliance.resolved
Data             workbook.created, workbook.updated, workbook.deleted
User             user.created, user.modified, user.deactivated
System           config.changed, tenant.updated, api_key.generated

API Endpoints for Compliance Officers

# Get audit logs
GET /api/v1/audit/logs

# Get compliance history
GET /api/v1/compliance/history

# Get breach report
GET /api/v1/compliance/breaches

# Generate SOC 2 report
POST /api/v1/reports/soc2

# Configure alerts
POST /api/v1/alerts/rules

# Get alert history
GET /api/v1/alerts/history

Compliance Dashboard Metrics

Metric                Description                     Target
-------------------   -----------------------------   ----------
Tests Passing         % of compliance tests passing   100%
Alert Response Time   Time to acknowledge alerts      < 1 hour
Breach Resolution     Time to resolve breaches        < 24 hours
Audit Coverage        % of actions logged             100%

Next Steps

  • Complete this guide
  • Configure your first alert rule
  • Review recent audit logs
  • Generate a SOC 2 evidence report
  • Schedule regular compliance reviews