ForgeCompliance
A shared compliance standards library and scoring engine for the entire Forge platform. ISO 9001, AS9100, IATF 16949, FDA 21 CFR Part 11, ITAR, and CMMC — encoded as structured data, not PDFs.
Supported standards
Each standard is maintained as structured data with machine-readable requirement IDs, evidence criteria, and gap-score weights.
| Standard | Domain | Applicable scope |
|---|---|---|
| ISO 9001:2015 | Quality Management | Universal |
| AS9100 Rev D | Aerospace Quality | Aerospace / Defence |
| IATF 16949:2016 | Automotive Quality | Automotive |
| FDA 21 CFR Part 11 | Electronic Records | Life Sciences |
| ITAR | Export Control | Defence / Government |
| CMMC 2.0 | Cybersecurity | DoD Supply Chain |
How it works
Standards definitions
Every applicable standard is encoded as structured data — requirements, controls, evidence criteria — not a PDF. Query any requirement by ID and get the full obligation text, evidence checklist, and gap-score weight.
Scoring engine
Each Forge product sends ForgeCompliance its capability manifest and ForgeCompliance returns a gap score per standard. Scores update in real time as you configure, enable, or disable features.
Feature flags
ForgeCompliance gates features that carry compliance risk behind flags. Enabling FDA 21 CFR Part 11 mode, for example, activates audit trail enforcement, e-signature hooks, and record retention policies across all Forge products simultaneously.
ForgeOps integration
ForgeOps integrates ForgeCompliance directly via Python import for its SPC, IQ/OQ/PQ validation, and energy reporting modules. All compliance scoring for shop-floor operations runs through the shared library.
REST API
Every other Forge product queries ForgeCompliance via REST on port 8770. The API returns requirement definitions, gap scores, and flag states in a single call. Integrate your own tools using the same endpoint.
Audit evidence export
Generate a compliance evidence package for any registered standard. The package includes gap scores, enabled feature flags, configuration snapshots, and a signed manifest suitable for external auditors.
REST API — port 8770
Query compliance gaps, retrieve requirement definitions, or check feature flag state from any language.
# Get gap score for AS9100 Rev D
curl http://localhost:8770/gap-score/as9100 \
-H "Authorization: Bearer fsk_live_xxxx"
# Response
{
"standard": "as9100_rev_d",
"score": 0.87,
"total_requirements": 164,
"met": 143,
"gaps": [
{ "id": "8.5.1.3", "requirement": "Production documentation control", "weight": 0.8 }
]
}