At Drova, we believe in continuous improvement and are working towards our new ESGRC platform. This release sees our first iteration of our new Compliance module which will help users comply with two key Operational Resilience regulations — APRA CPS 230 and FCA SYSC 15A — through a structured, clause-by-clause framework. It enables teams to understand regulatory expectations, define what actions are needed internally, monitor progress, and demonstrate compliance — all in one centralised workspace.

It does not yet include more advanced capabilities such as cross-framework mapping, control testing, or real-time regulatory updates. These will be introduced in upcoming phases.

Framework Set Up

1. Select the relevant compliance framework in the Settings page under Framework - Resilience.  
   
   
2. Once saved, you will be redirected to the Compliance module with the selected framework pre-loaded.
   
3. Click New to Compliance to open the introduction panel 
   
   

Clauses 

1. Explore the framework dashboard for your selected regulation. Here you can see clause compliance status, control effectiveness, and task progress at a glance. 
   
   
2. Clauses are grouped under expandable sections with inline status tags. Expand the section to view the clause details (clause ID, original legal text, and last updated date). 
   
   
3. Filter by clause status or owner to quickly find the relevant clause. 
   
   
4. If you're a first-time user, or would like to understand more about the framework, click 'New to [Framework]' in the top right hand corner.
   
   
5. Review the Clause Detail Page to view all relevant information on the clause. E.g. full clause context, compliance status, ownership, insights on the requirement, controls, tasks status, and AI-simplified requirements. 
   
   

Adding New Users & Creating Teams

• Log in to Drova.​
• From the main menu, click on People & Teams.
  This is where you manage all users and team structures.

1. In the People & Teams tab, click the “+” icon on the right-hand side of the page.
2. A pop-up window will appear, giving you the option to add a User (People) or create a Team.
   Select People to add new users, or Teams to create a new team.
3. Enter the new user’s email address.
4. Assign the user to one or more teams (if teams already exist).
5. Click Add.

➡️ The user will automatically receive an invite email prompting them to join and set up their account.

​

1. Again, click the “+” icon on the right-hand side.
2. This time, select the Teams pop-up.
3. Enter the team name (e.g. “Compliance”, “Sales”, or “Project A”).
4. Optionally, assign security access to modules on Drova. 
5. Click Create Add.

​

• Add teams first if you already know how you want to group users (e.g. by department or function).
• Assign users to multiple teams if they work across different areas.
• Regularly review teams to ensure they reflect your current organisational structure.

Requirements

1. View AI-generated requirements for the clause. Clear interpretation helps users understand what's expected. The AI agent "Sheila" searches official regulatory guidance and based on the guidance, she translates complex clauses into business-friendly requirements. 
2. Review rationale and contextual explanations provided by AI. This helps you understand why the requirement was generated, based on the meaning of the clause and the regulatory intent. 
   
   
3. Edit the requirement as needed. You can rewrite or clarify based on your organisation's language. 
   
   
4. Add custom requirements manually. Where required, you can create additional requirements if Sheila misses anything by clicking the + icon. Note - Requirement ID is auto generated by the system. This cannot be edited. 
   
   
5. Assign owners and set status for reach requirement. 
   
   
6. Delete a requirement. Whether the requirement has been created by AI, or manually created by you, you can delete a requirement. Select the 3 vertical dots next to the requirement and select Delete. Note - if any associated records are linked to this requirement, they will be unlinked. 
   
   
7. Review the Requirement Detail Page to view all relevant information on the requirement. E.g. full requirement context, status, ownership. You can also manage controls, link tasks, upload evidence and view history all in one place. 
   

Execution

1. Create or link a compliance control under the requirement. Controls can be selected from the library or created manually.
   
2. Create task(s) related to a requirement or control. 
   
   
   
3. View all linked tasks and controls under the requirement. 
   
4. Track task and control status. 
   

Evidence

1. Add/upload evidence to a requirement, control or task. There are two types of evidence that can be uploaded: 
   
1. Upload File: Add documentation from local storage 
   
2. Add External URL
   

Reporting

1. Sample status report. Download this report to see a sample status report from the Report menu. It will be an instant excel download. 
   
   

Note: This is only sample data. We are working hard to release the Compliance Status Report, so stay tuned!