Where FormaOS is
headed next
22 items across 7categories. See what we've shipped, what we're building, and what's coming next - publicly and transparently.
Roadmap at a glance
Where we stand today and what's coming across the next four quarters of development.
Timeline
Quarterly delivery plan
Our development roadmap organized by quarter with status breakdown for each delivery window.
Q1 2026
CurrentQ2 2026
Q3 2026
Q4 2026
Everything on the roadmap
22 items across compliance, security, integrations, platform, reporting, automation, and collaboration.
Shipped
Live in production and available to all users.
AI-Assisted Control Mapping
ShippedHigh ImpactMachine learning model suggesting control mappings across frameworks based on semantic similarity.
Compliance Q&A Assistant (general-purpose)
ShippedStateless AI Q&A for compliance vocabulary and policy drafting. Org-grounded retrieval is on the roadmap, not in this release.
GRC API (Public)
ShippedHigh ImpactRESTful API with full CRUD operations, webhooks, and SDK support for custom integrations.
Real-Time Compliance Dashboard
ShippedLive dashboard with WebSocket-powered updates, customizable widgets, and TV mode.
GitHub & GitLab Integration
ShippedPull request compliance checks, code review evidence collection, and SDLC compliance tracking.
Bulk Import & Migration Tools
ShippedCSV/XLSX import wizards for controls, evidence, and organizational data with field mapping.
Audit Readiness Score
ShippedHigh ImpactAggregated audit readiness metric with actionable recommendations and timeline estimates.
Notification Rules Engine
ShippedConditional notification routing with escalation chains, digest batching, and quiet hours.
In Progress
Actively under development with a target release date.
Multi-Region Data Residency
In ProgressHigh ImpactDeploy compliance data to US, EU, and APAC regions with full jurisdictional isolation.
Mobile Companion App
In ProgressHigh ImpactiOS and Android app for evidence capture, task management, and compliance alerts on the go.
HRIS Integration Hub
In ProgressConnect BambooHR, Workday, and Rippling for automated personnel compliance tracking.
Planned
Scoped and scheduled for an upcoming development cycle.
Advanced Reporting Engine
PlannedHigh ImpactCustom report builder with drag-and-drop widgets, scheduled delivery, and multi-format export.
SAML 2.0 + OIDC Hybrid SSO
PlannedSupport both SAML 2.0 and OpenID Connect for maximum identity provider compatibility.
Continuous Control Monitoring
PlannedHigh ImpactReal-time monitoring of technical controls with automated drift detection and alerting.
Custom Framework Builder
PlannedCreate bespoke compliance frameworks with custom controls, evidence mappings, and scoring weights.
AWS Config Integration
PlannedHigh ImpactAutomated compliance monitoring for AWS infrastructure using Config rules and conformance packs.
Exploring
Under evaluation based on customer demand and feasibility.
Evidence Auto-Collection via Cloud APIs
ExploringHigh ImpactScheduled API pulls from cloud providers and security scanners to automatically collect and update compliance evidence.
Multi-Tenant Audit Portal
ExploringRead-only portal for external auditors with time-limited access and scoped visibility.
Vendor Risk Management
ExploringHigh ImpactAssess, monitor, and track third-party vendor compliance posture with questionnaires and evidence collection.
SOC 2 Type II Automation
ExploringHigh ImpactAutomated evidence collection for SOC 2 Type II continuous monitoring requirements.
Privacy Impact Assessments
ExploringStructured DPIA and PIA workflows with template library and stakeholder review chains.
Compliance Training Module
ExploringBuilt-in training management with assignment, tracking, and certification evidence collection.
Investment Areas
Where we're investing
Development effort distributed across categories, reflecting customer demand, compliance landscape, and platform maturity.
Our Commitment
Built with transparency
How we plan, build, and ship, openly, predictably, and with your compliance requirements driving every decision.
Public Roadmap
Our roadmap is publicly visible with real-time status updates. No hidden backlog, no surprise deprecations.
Customer-Driven Priorities
Feature prioritization is informed by customer requests, audit findings, and compliance landscape changes.
Monthly Release Cadence
We ship every month with predictable release windows. Changelogs document every change transparently.
Security-First Development
Security patches ship within 72 hours of discovery. Every release passes automated security scanning.
Semantic Versioning
We follow SemVer strictly. Breaking changes only in major versions with migration guides and extended support.
Proactive Communication
Release notes, breaking change warnings, and deprecation notices delivered well in advance via multiple channels.
Shape the Product
Have a feature request?
Our roadmap is shaped by customer needs. Let us know what would make FormaOS work better for your compliance program.