Skip to main content

Integrations

The One Compliance integrates with the rest of The One Stack to automate evidence collection and maintain a real-time view of your compliance posture.

Hub SSO

All users authenticate via Hub SSO. There is no separate username/password for The One Compliance.

  • Users access app.theonecompliance.app via the Hub waffle menu
  • Roles are inherited from Hub (Owner, Admin, Member, Viewer)
  • Auditor portal users authenticate via a separate invite-only flow

Security Integration

The One Security provides scan results and findings that serve as compliance evidence:

  • Vulnerability scan results — Automatically linked to vulnerability management controls (e.g., NIST CSF DE.CM-8, PCI DSS 11.3)
  • SAT completion rates — Training completion data satisfies workforce security training controls
  • Phishing simulation results — Campaign results demonstrate security awareness testing
  • Dark web monitoring status — Breach monitoring records serve as evidence for credential management controls

Configure in Settings → Integrations → Security.

RMM Integration

The One RMM provides patch compliance and device management data:

  • Patch compliance reports — Automated patching evidence for system maintenance controls (e.g., HIPAA 164.308(a)(5), CIS Control 7)
  • Device inventory — Hardware and software asset inventory satisfies asset management controls
  • Agent deployment coverage — Endpoint management posture across managed devices

Configure in Settings → Integrations → RMM.

Defend Integration

The One Defend provides endpoint protection data:

  • Endpoint protection deployment — EDR agent deployment status satisfies endpoint security controls (e.g., CIS Control 10, NIST CSF PR.PT-1)
  • Alert response metrics — Mean time to detect and respond demonstrates incident detection capability
  • Policy enforcement — Endpoint security policy compliance across managed devices

Configure in Settings → Integrations → Defend.

Backups Integration

The One Backups provides data protection verification:

  • Backup job results — Success/failure records satisfy data backup controls (e.g., HIPAA 164.308(a)(7), NIST CSF PR.IP-4)
  • Test restore results — Recovery testing evidence demonstrates disaster recovery capability
  • Retention compliance — Backup retention duration vs. policy requirements

Configure in Settings → Integrations → Backups.

People Integration

The One People provides employee and workforce data:

  • Training completion records — Employee training history satisfies workforce security training controls
  • Onboarding/offboarding records — User lifecycle evidence for access management controls
  • Role and department data — Organizational structure for policy acknowledgment targeting

Configure in Settings → Integrations → People.

ℹ️Integration data is pulled on a configurable schedule (daily, weekly, or monthly). You can also trigger a manual sync from each integration's settings page.