Copado Compliance Hub

By Konstantin Heidt


The first Compliance Application for Salesforce Org

With the introduction of Salesforce, business users gain access to a technical tool, allowing them to develop features easily.

However, this makes it difficult to enforce project governance and compliance rules, which often rely on manual checks that are difficult, time-consuming and prone to errors.

It is easy to overlook a checkbox that allows a set of users to modify all Orders or to view restricted information such as contact details for clients in specific countries. This can have severe consequences, given that sensitive client and company data is stored in Salesforce.

Copado Compliance Hub - a new way to ensure Salesforce compliance

Copado Compliance Hub enables Compliance Officers and their team to monitor the organization’s compliance requirements in real time as diverse development teams deliver Salesforce functionality across many sandboxes and/or production orgs. Changes are evaluated in real time as they move through the development and release process; any non-compliant modifications are highlighted and acted on depending on severity and other optional criteria.

Achieve PCI, SOX, HIPAA and other compliances easily using a non-technical user interface to define violation criteria on metadata such as Field Level Security, IP Address validations or Object Level Access:

  • Set up rules to define when a Salesforce element contains a violation

  • Categorize the violation severity

  • Configure how to react if a violation is found: record for future reference, notify team or block an activity

  • Configure where to check for violations, so you can give developers freedom where they need it and prevent the release to production

  • Configure when the rules should be applied

After setup, compliance validation is performed actively during commits and/or deployments or it can be run passively. In any case, your compliance team can be assured that no unwanted violations are released to production without their knowledge.

Because violation findings are stored as records, you can coordinate your follow-up on findings by assigning owners and resolution statuses, and monitor these using Salesforce reporting capabilities.

Of course, as with other native force.com applications, you can extend our platform with standard Salesforce configuration.

Align compliance and development teams in your release process

Use Copado Compliance Hub in combination with Copado Change Management, to embed one or multiple compliance quality gates as part of your development and release workflow.

  • Before starting development: Onboard compliance team to Copado and enable compliance reviews as part of your User Story definition

  • During development: Set up rules to check for violations when committing metadata or make Compliance Scan runs mandatory

  • After finishing development: Establish compliance validation during deployment to production or any other key environment

Redefine the role of Compliance

Making sure an implementation is compliant with company and government regulations is a matter of defining guidelines, process discipline and intense manual checks. With Copado Compliance Hub you now have a technical safeguard, and your compliance team can support projects defining features instead of looking for checkboxes after deployments.

More information is available at the following link: https://www.copa.do/Features
