SDK — Compliance

The rivano.compliance resource generates formal audit reports mapped to compliance frameworks. Use it to produce evidence packets for SOC 2 Type II reviews, GDPR DPIAs, or ISO 27001 audits.

List frameworks

Returns the compliance frameworks supported for your plan:

import Rivano from '@rivano/sdk';

const rivano = new Rivano({ apiKey: 'rv_...' });

const frameworks = await rivano.compliance.frameworks();
for (const fw of frameworks) {
  console.log(`${fw.id} — ${fw.name} (${fw.controlCount} controls)`);
}

Supported frameworks

Framework IDNameDescription
soc2SOC 2 Type IISecurity, availability, and confidentiality controls
gdprGDPRData protection and privacy requirements
iso27001ISO 27001Information security management
hipaaHIPAAHealthcare data protection
ccpaCCPACalifornia consumer privacy rights

Get framework detail

Returns the individual controls within a framework and their current pass/fail status:

import Rivano from '@rivano/sdk';

const rivano = new Rivano({ apiKey: 'rv_...' });

const framework = await rivano.compliance.framework('soc2');
for (const control of framework.controls) {
  const status = control.passing ? '✔' : '✗';
  console.log(`${status} ${control.id}: ${control.name}`);
}

Create a report

Generates a compliance report for a date range. Report generation is asynchronous — the response returns a report ID that you poll or retrieve later:

import Rivano from '@rivano/sdk';

const rivano = new Rivano({ apiKey: 'rv_...' });

const report = await rivano.compliance.createReport({
  framework: 'soc2',
  startDate: '2026-01-01',
  endDate: '2026-03-31',
});

console.log('Report ID:', report.id);
console.log('Status:', report.status); // "pending" | "ready" | "failed"

Report create parameters

ParameterTypeRequiredDescription
frameworkstringYesFramework ID from compliance.frameworks()
startDatestringYesReport period start (YYYY-MM-DD)
endDatestringYesReport period end (YYYY-MM-DD)

List reports

Returns all previously generated reports:

import Rivano from '@rivano/sdk';

const rivano = new Rivano({ apiKey: 'rv_...' });

const reports = await rivano.compliance.reports();
for (const report of reports) {
  console.log(`${report.id} [${report.framework}] ${report.status} — ${report.createdAt}`);
}

Get a report

Retrieve a specific report, including the download URL when ready:

import Rivano from '@rivano/sdk';

const rivano = new Rivano({ apiKey: 'rv_...' });

const report = await rivano.compliance.report('report_abc123');

if (report.status === 'ready') {
  console.log('Download:', report.downloadUrl);
} else if (report.status === 'pending') {
  console.log('Still generating...');
} else {
  console.error('Report failed:', report.errorMessage);
}
💡

Reports typically take 30–120 seconds to generate depending on the date range. Poll compliance.report(id) every 10 seconds, or set up a webhook to be notified when the report is ready.

Error handling

ErrorWhen it occurs
SdkAuthErrorInvalid API key
SdkForbiddenErrorCompliance reports are not available on all plans
SdkNotFoundErrorFramework ID or report ID does not exist
  • SDK Governance — Posture scores and policy change audit trail
  • SDK Traces — Raw trace data that feeds into compliance evidence
Previous ← SDK — Billing Next SDK — Evals →