Getting Started
Welcome to ForgeComply. This guide walks you through setting up your account and starting your first compliance assessment.
Overview
Getting started with ForgeComply involves four steps:
- Create your account — Sign up and verify your email
- Create an organization — Set up your company
- Create an assessment — Choose your framework and audit type
- Start working — Use guided setup or dive in directly
Most users complete initial setup in under 10 minutes.
Step 1: Create Your Account
Sign Up
- Visit forgecomply.com and click Get Started
- Enter your name, email, and password
- Click Create Account
Verify Your Email
- Check your inbox for a verification email
- Click the verification link
- You'll be logged in automatically
Note: If you don't see the email, check your spam folder or click "Resend verification email" on the login page.
Step 2: Create an Organization
An organization represents your company in ForgeComply. All your compliance work happens within an organization.
During Onboarding
After verifying your email, you'll be guided through organization creation:
- Organization name — Your company name (e.g., "Acme Corp")
- Industry — Select your industry sector
- Company size — Approximate employee count
This information helps ForgeComply provide relevant guidance.
Organization Settings
You can update organization details anytime in Settings → Organizations, including:
- Company name
- Industry
- Security contact information
- Policy profile (for policy generation)
Step 3: Create an Assessment
An assessment is your compliance project for a specific framework and audit type.
Choose Your Framework
| Framework | Description |
|---|---|
| SOC 2 | Service organization controls — common for SaaS companies |
| ISO 27001 | International information security standard |
Choose Your Audit Type
For SOC 2:
- Type I — Point-in-time design evaluation (start here if this is your first audit)
- Type II — Effectiveness over time (requires operating history)
For ISO 27001:
- Stage 1 — Documentation readiness
- Stage 2 — Full certification audit
Create the Assessment
- Click + New Assessment in the header
- Select your framework
- Select your audit type
- Give your assessment a name (e.g., "SOC 2 Type I - Q1 2025")
- Click Create
Your assessment is now ready with the appropriate controls pre-loaded.
Step 4: Start Working
You have two ways to proceed:
Option A: Guided Setup (Recommended)
Guided setup walks you through each control step-by-step. This is ideal if:
- This is your first compliance assessment
- You want structured progress tracking
- You prefer completing one thing at a time
To start: Click the Guided Setup toggle in the header, then click Continue on the dashboard.
Option B: Self-Directed
Jump directly into any area:
- Dashboard — Overview of your progress
- Controls — View and respond to all controls
- Policies — Generate and manage policies
- Evidence — Upload and manage evidence
This approach works well if:
- You're familiar with compliance frameworks
- You need to work on specific areas
- You prefer non-linear workflows
You can switch between Guided Setup and standard mode at any time without losing progress.
Understanding Your Dashboard
After creating an assessment, your dashboard shows:
Assessment Completion
A progress ring showing how many controls are evaluated vs. total.
Status Breakdown
- Passing — Controls fully satisfied
- At Risk — Partially complete
- Failing — Critical gaps
- Not Started — No action taken
Next Step
The next control to work on, with a direct link to continue.
Evidence Coverage
Overview of evidence status across controls.
Action Required
Priority items that need attention.
Inviting Team Members
Compliance is a team effort. Invite colleagues to help:
- Go to Settings → Team Members
- Click Invite User
- Enter their email
- Select a role:
- Admin — Full access to everything
- Member — Can view and edit, but limited settings access
- Auditor — Read-only access to reports
Team members receive an email invitation to join.
What's Next?
After setup, you'll typically:
- Complete controls — Answer each control question and assign owners
- Generate policies — Create policy documents from templates
- Upload evidence — Attach supporting documentation
- Review and approve — Finalize policies and review evidence
- Generate reports — Create audit-ready reports
- Share with auditors — Grant auditor access for review
Common Questions
Can I have multiple assessments?
Yes. Organizations often have multiple assessments (e.g., SOC 2 Type I, then Type II).
Can I change framework after creating an assessment?
No. Create a new assessment for a different framework.
What if I make a mistake?
Everything is editable until you generate reports. Even then, you can make changes and generate new reports.
Do I need to complete everything before generating reports?
No, but incomplete items will show as gaps in your reports.
Need Help?
- Documentation — You're here! Browse the sidebar for more guides.
- In-app guidance — Look for help icons and tooltips throughout the app.
- Support — Contact [email protected] for assistance.
Next Steps
- Concepts & Terminology — Understand key terms
- Guided Setup Overview — How guided setup works
- Controls Documentation — Working with controls