Enforcer Labs Private Limited

Effective Date: May 1, 2026
Last Updated: May 17, 2026
Applies To: Enforcer Dashboard Only

1. Purpose

This document clarifies the scope of compliance responsibility when using Enforcer Dashboard. It is designed to prevent misunderstanding about the Software's role in Customer's compliance program and to protect Enforcer Labs from liability for compliance outcomes.

2. Nature of the Software

2.1 Enforcer Dashboard is a compliance operations tool. It assists organizations in monitoring, detecting, reporting, and remediating infrastructure compliance issues.

2.2 Enforcer Dashboard is NOT:

(a) a compliance certification authority;

(b) a substitute for qualified compliance professionals, auditors, or legal counsel;

(d) an audit tool that produces legally binding audit opinions;

(e) a replacement for a comprehensive compliance program.

3. Compliance Frameworks

3.1 Framework Support

Enforcer Dashboard may include controls, checks, and mappings aligned with compliance frameworks, including but not limited to:

SOC 2 (Trust Service Criteria)
ISO 27001
NIST Cybersecurity Framework
CIS Benchmarks
PCI DSS
HIPAA Security Rule
GDPR (technical controls)
AWS Well-Architected Framework
Custom organizational standards

3.2 Framework Disclaimer

THE INCLUSION OF COMPLIANCE FRAMEWORK MAPPINGS, CONTROLS, OR CHECKS IN THE SOFTWARE DOES NOT CONSTITUTE A REPRESENTATION THAT:

(a) The mappings are complete, current, or accurate for any specific version of the framework;

(b) Passing the Software's checks is sufficient to achieve compliance with the framework;

(d) The Software covers all requirements of any compliance framework;

(e) The Software's assessments will be accepted by auditors, regulators, or certification bodies.

3.3 Framework Updates

Compliance frameworks are updated periodically by their respective governing bodies. Enforcer Labs will make reasonable efforts to update framework mappings but does not guarantee that the Software will reflect the most current version of any framework at all times.

4. Customer Compliance Responsibilities

4.1 Comprehensive Compliance Program

Customer is solely responsible for establishing and maintaining a comprehensive compliance program that includes, at minimum:

(a) Governance structure and accountability;

(b) Risk assessment and management;

(d) Training and awareness;

(e) Monitoring and reporting;

(f) Incident response;

(g) Continuous improvement.

The Software may support elements of this program but does not replace any element.

4.2 Regulatory Obligations

Customer is solely responsible for:

(a) Identifying which laws, regulations, and standards apply to Customer's business;

(b) Interpreting regulatory requirements for Customer's specific context;

(d) Maintaining evidence of compliance;

(e) Engaging with regulators, auditors, and certification bodies;

(f) Responding to regulatory inquiries, audits, and enforcement actions.

4.3 Validation and Verification

Customer shall:

(a) Independently verify all compliance assessments, reports, and scores generated by the Software;

(b) Supplement the Software's assessments with manual reviews, external audits, and professional consultations;

(d) Validate that the Software's control mappings are appropriate for Customer's regulatory environment.

5. Scope Limitations

5.1 Infrastructure Scope

The Software can only assess infrastructure and configurations that are within its configured scope. Customer is responsible for ensuring that all relevant infrastructure is discoverable by the Software.

5.2 Non-Technical Controls

Many compliance frameworks include non-technical requirements (e.g., policies, training, physical security, vendor management). The Software addresses primarily technical controls and cannot assess non-technical compliance requirements.

5.3 Point-in-Time Assessment

The Software's compliance assessments reflect the state of infrastructure at the time of assessment. Compliance status may change between assessments due to infrastructure changes, configuration drift, or other factors.

6. Audit and Evidence

6.1 Evidence Generation

The Software may generate compliance evidence, including audit logs, configuration snapshots, compliance reports, and remediation records. This evidence is generated to support Customer's compliance program, but:

(a) Customer is responsible for the integrity, retention, and presentation of compliance evidence;

(b) Enforcer Labs does not guarantee that generated evidence will be accepted by auditors or regulators;

6.2 Audit Readiness

The Software supports audit readiness but does not guarantee successful audit outcomes. Audit results depend on the auditor's scope, methodology, interpretation, and Customer's overall compliance posture.

7. No Legal Advice

7.1 Nothing in the Software, its documentation, its outputs, or communications from Enforcer Labs constitutes legal advice.

7.2 Customer should consult qualified legal counsel for legal interpretations of compliance requirements.

7.3 Enforcer Labs employees, contractors, and representatives are not authorized to provide legal advice.

8. Enforcer Labs' Non-Liability

ENFORCER LABS SHALL NOT BE LIABLE FOR:

(a) Customer's failure to achieve or maintain compliance with any law, regulation, or standard;

(b) Regulatory penalties, fines, enforcement actions, or sanctions imposed on Customer;

(d) Customer's reliance on the Software's assessments, reports, or recommendations without independent verification;

(e) Changes in regulatory requirements that are not yet reflected in the Software;

(f) Gaps in the Software's coverage of any compliance framework.

9. Contact

Enforcer Labs Private Limited
Email: legal@enforcer-cca.com

This document is subject to attorney review. This disclaimer is essential for compliance platforms and should be prominently referenced in all enterprise sales materials.

Enforcer Labs Private Limited

Effective Date: May 1, 2026
Last Updated: May 17, 2026
Applies To: Enforcer Dashboard Only

1. Purpose

2. Nature of the Software

2.1 Enforcer Dashboard is a compliance operations tool. It assists organizations in monitoring, detecting, reporting, and remediating infrastructure compliance issues.

2.2 Enforcer Dashboard is NOT:

(a) a compliance certification authority;

(b) a substitute for qualified compliance professionals, auditors, or legal counsel;

(d) an audit tool that produces legally binding audit opinions;

(e) a replacement for a comprehensive compliance program.

3. Compliance Frameworks

3.1 Framework Support

Enforcer Dashboard may include controls, checks, and mappings aligned with compliance frameworks, including but not limited to:

SOC 2 (Trust Service Criteria)
ISO 27001
NIST Cybersecurity Framework
CIS Benchmarks
PCI DSS
HIPAA Security Rule
GDPR (technical controls)
AWS Well-Architected Framework
Custom organizational standards

3.2 Framework Disclaimer

THE INCLUSION OF COMPLIANCE FRAMEWORK MAPPINGS, CONTROLS, OR CHECKS IN THE SOFTWARE DOES NOT CONSTITUTE A REPRESENTATION THAT:

(a) The mappings are complete, current, or accurate for any specific version of the framework;

(b) Passing the Software's checks is sufficient to achieve compliance with the framework;

(d) The Software covers all requirements of any compliance framework;

(e) The Software's assessments will be accepted by auditors, regulators, or certification bodies.

3.3 Framework Updates

4. Customer Compliance Responsibilities

4.1 Comprehensive Compliance Program

Customer is solely responsible for establishing and maintaining a comprehensive compliance program that includes, at minimum:

(a) Governance structure and accountability;

(b) Risk assessment and management;

(d) Training and awareness;

(e) Monitoring and reporting;

(f) Incident response;

(g) Continuous improvement.

The Software may support elements of this program but does not replace any element.

4.2 Regulatory Obligations

Customer is solely responsible for:

(a) Identifying which laws, regulations, and standards apply to Customer's business;

(b) Interpreting regulatory requirements for Customer's specific context;

(d) Maintaining evidence of compliance;

(e) Engaging with regulators, auditors, and certification bodies;

(f) Responding to regulatory inquiries, audits, and enforcement actions.

4.3 Validation and Verification

Customer shall:

(a) Independently verify all compliance assessments, reports, and scores generated by the Software;

(b) Supplement the Software's assessments with manual reviews, external audits, and professional consultations;

(d) Validate that the Software's control mappings are appropriate for Customer's regulatory environment.

5. Scope Limitations

5.1 Infrastructure Scope

5.2 Non-Technical Controls

5.3 Point-in-Time Assessment

6. Audit and Evidence

6.1 Evidence Generation

(a) Customer is responsible for the integrity, retention, and presentation of compliance evidence;

(b) Enforcer Labs does not guarantee that generated evidence will be accepted by auditors or regulators;

6.2 Audit Readiness

7. No Legal Advice

7.1 Nothing in the Software, its documentation, its outputs, or communications from Enforcer Labs constitutes legal advice.

7.2 Customer should consult qualified legal counsel for legal interpretations of compliance requirements.

7.3 Enforcer Labs employees, contractors, and representatives are not authorized to provide legal advice.

8. Enforcer Labs' Non-Liability

ENFORCER LABS SHALL NOT BE LIABLE FOR:

(a) Customer's failure to achieve or maintain compliance with any law, regulation, or standard;

(b) Regulatory penalties, fines, enforcement actions, or sanctions imposed on Customer;

(d) Customer's reliance on the Software's assessments, reports, or recommendations without independent verification;

(e) Changes in regulatory requirements that are not yet reflected in the Software;

(f) Gaps in the Software's coverage of any compliance framework.

9. Contact

Enforcer Labs Private Limited
Email: legal@enforcer-cca.com

This document is subject to attorney review. This disclaimer is essential for compliance platforms and should be prominently referenced in all enterprise sales materials.

Compliance Responsibility Disclaimer

Quick Summary (Plain English)

1. Purpose

2. Nature of the Software

3. Compliance Frameworks

3.1 Framework Support

3.2 Framework Disclaimer

3.3 Framework Updates

4. Customer Compliance Responsibilities

4.1 Comprehensive Compliance Program

4.2 Regulatory Obligations

4.3 Validation and Verification

5. Scope Limitations

5.1 Infrastructure Scope

5.2 Non-Technical Controls

5.3 Point-in-Time Assessment

6. Audit and Evidence

6.1 Evidence Generation

6.2 Audit Readiness

7. No Legal Advice

8. Enforcer Labs' Non-Liability

9. Contact

Compliance Responsibility Disclaimer

Quick Summary (Plain English)

1. Purpose

2. Nature of the Software

3. Compliance Frameworks

3.1 Framework Support

3.2 Framework Disclaimer

3.3 Framework Updates

4. Customer Compliance Responsibilities

4.1 Comprehensive Compliance Program

4.2 Regulatory Obligations

4.3 Validation and Verification

5. Scope Limitations

5.1 Infrastructure Scope

5.2 Non-Technical Controls

5.3 Point-in-Time Assessment

6. Audit and Evidence

6.1 Evidence Generation

6.2 Audit Readiness

7. No Legal Advice

8. Enforcer Labs' Non-Liability

9. Contact