The Compliance tab is available only for paid accounts. If you’re managing frameworks like ISO 27001 or SOC 2, or you need to maintain an audit-ready internal control system, this is your go-to setup.
Compliance Settings Overview
Risk Categories
Define what risks your company tracks – and how they’re grouped.
Humadroid comes with a set of system default risk categories. These are grouped by area (e.g., Compliance, Contractual, External) and include:
-
Clear descriptions of the risk type
-
Examples of common threats or violations
-
Tags to help with classification
Default risk categories
System default risk categories grouped by type: compliance, legal, contractual, and regulatory. Each includes examples to help with classification.
You can use these predefined categories out of the box or create your own, aligned with your structure, teams, or departments.
💡 Example: Create a custom “IT Operational Risk” category if you’re tracking system downtimes or vendor SLA breaches separately.
Creating a new risk category
Define your own risk categories with custom identifiers, color codes, and classification examples tailored to your organization.
Scoring Methods
Decide how you evaluate and prioritize risks.
In this section, you manage risk scoring models that help determine the criticality of each risk. Three default methods are available:
-
Multi-Impact Assessment
Uses a weighted formula based on financial, legal, and reputational impact. -
Simple 5×5 Risk Matrix
A straightforward model using probability × impact. -
Weighted Impact Assessment
A nuanced model allowing additional types of impact (e.g., operational).
Available risk scoring methods
Choose from predefined scoring models like Multi-Impact Assessment or create your own to align with your organization’s risk evaluation framework.
Each model comes with editable treatment thresholds (when a risk becomes significant) and customizable weights. You can also create new methods based on your internal evaluation criteria.
📎 Recommended: In our internal compliance, we're using this method with a higher threshold - it allows us to focus on really important risks and leave a track of those of lesser impact.
Custom risk scoring method setup
Build your own risk scoring method using custom thresholds and impact-based formulas. Ideal for tailoring your compliance evaluation to specific frameworks.
Employment Types
n Humadroid, Employment Types help you enforce compliance by ensuring the right documents are linked to the right roles. Whether it’s full-time staff, contractors, or interns, each type can have specific policies automatically assigned, such as:
-
Code of Conduct
-
NDA
-
Security or Data Protection Policies
This ensures that every person acknowledges the right set of documents based on their role, with no manual chasing.
👉 Full guide: Employment Types in Humadroid →
Employment types overview
Creating a new employment type
Create a custom employment type and link it to required documents like Code of Conduct or Security Policy. Documents will be auto-assigned to users based on their role.
Advanced Asset Management (Assets Settings)
Once Compliance is enabled, you’ll also get access to advanced asset tracking features, so let’s break up how to navigate through Assets settings.
Lifecycle States
Here, you define and manage equipment lifecycle stages from the beginning, from purchasing to disposal.
Humadroid provides a set of default states:
-
Ordered
-
Received
-
In Stock
-
Deployed
…and more.
You can edit these or create your own.
Adding a new lifecycle state, by clicking "Add New State"
Add custom asset states to match your internal workflows. Use terminal states to define endpoints like “Retired” or “Disposed”.
Lifecycle view with state transitions
Visualize asset state transitions using a flow diagram. Customize each state and its valid paths to reflect your real-world lifecycle management.
✏️ Pro tip: Use custom transitions to enforce rules like “you can’t deploy before receiving.”
Categories
Organize your hardware and equipment into categories like laptops, phones, and monitors.
While creating a category, you can:
-
Choose a parent category
-
Set default lifecycle duration
-
Select the depreciation method
-
Flag items for regular maintenance
Asset category list
Categorize company assets for easier tracking and reporting. Each category can include depreciation settings and asset counts.
Creating a new asset category
Define asset categories with lifecycle duration, depreciation settings, and maintenance reminders. Add custom fields to track additional metadata.
Departments
Use this to assign assets to teams or cost centers. See how much hardware is tied to Sales, Marketing, or IT.
Department overview with assigned assets
Assign assets to specific departments and track inventory by team.
Locations
Track asset distribution across your offices, warehouses, or regions.
Asset location structure
Organize assets across geographic locations with sub-location support. Ideal for multi-office inventory visibility and compliance traceability.
📄 Document Management
Humadroid also enables centralized document control – a crucial piece for ISO/SOC 2 audits.
You can:
-
Upload and manage internal policies, procedures, controls
-
Assign ownership and version history
-
Link documents to risks, assessments, or assets
-
Request acknowledgment from employees (e.g., policy sign-off)
This feature does not require setting up in settings. Under Compliance -> Documents, you can start create your documents as you go.
Compliance documents with acknowledgment tracking
Manage all compliance documents in one place. Track versions, statuses, acknowledgment progress, and link policies to roles or users.