AuditSwarm Documentation

Welcome to the AuditSwarm documentation! This documentation follows the Diátaxis framework, organizing content into four types based on your needs.

📚 Quick Navigation

🎓 Tutorials - Learning-Oriented

Step-by-step lessons to help you learn by doing. Start here if you're new!

• Getting Started: Your First Audit in 15 Minutes
• Creating a SOC2 Risk Assessment
• Setting Up Your ChatGPT Assistant
• Deploying Locally with Docker
• Managing Team Permissions

🛠️ How-To Guides - Problem-Solving

Practical guides for specific tasks. Use these when you have a goal to accomplish.

For Users:

• How to Approve AI Suggestions
• How to Link OneDrive Documents
• How to Create Dashboards
• How to Export Reports
• How to Manage Permissions
• Understanding Permissions

For Deployment:

• How to Deploy to GCP Cloud Run
• How to Configure OAuth
• How to Scale to 200+ Users
• How to Set Up Monitoring

For Development:

• How to Add a Custom MCP Tool
• How to Create GraphQL Resolvers
• How to Set Up Local Development

For AI Platform Integration:

• ChatGPT Setup
• Microsoft Copilot Studio Setup
• Claude Desktop Setup
• Google Agent Builder Setup

📖 Reference - Information

Technical reference material. Look up exact syntax, parameters, and specifications.

API Reference:

• GraphQL Schema
• MCP Tools
• REST Endpoints

Database:

• Prisma Schema
• Migrations

Configuration:

• Environment Variables
• OAuth Providers
• Docker Compose

CLI:

• NPM Scripts

💡 Explanation - Understanding

Deep dives into concepts, design decisions, and the "why" behind the system.

Architecture:

• Why the Suggestions Pattern is Safe for AI
• Understanding Dual-Transport MCP
• GraphQL-First Architecture
• How Context Tracking Works
• Permission System Architecture

Compliance:

• How AuditSwarm Achieves SOC2 Compliance
• ISO 27001 Controls Implementation
• Audit Trail Design
• RBAC Security Model

Design Decisions:

• Azure to GCP Migration Rationale
• Prisma vs Raw SQL
• OAuth2 for AI Agents

🔒 Compliance & Auditing

Special documentation for SOC2/ISO auditors and security reviews.

• SOC2 Trust Service Criteria Mapping
• ISO 27001 Controls Mapping
• Audit Evidence Guide
• Penetration Testing Guide

---

🎯 I Want To...

...get started quickly → Your First Audit in 15 Minutes

...deploy to production → Deploy to GCP Cloud Run

...use AI assistants → ChatGPT Setup | Claude Desktop Setup

...manage user permissions → Manage Permissions | Team Permissions Tutorial

...understand the architecture → Suggestions Pattern | GraphQL-First

...prepare for SOC2 audit → SOC2 Compliance Guide

...extend the platform → Development How-Tos

...look up API syntax → GraphQL Reference | MCP Tools Reference

---

📦 What's in Each Section?

Type	When to Use	Characteristics
Tutorials	You're learning the system	Step-by-step, guaranteed to work, uses sample data
How-To	You have a specific task	Goal-oriented, assumes baseline knowledge
Reference	You need to look up syntax	Exhaustive, factual, searchable
Explanation	You want to understand "why"	Conceptual, discusses alternatives

---

🏗️ Documentation Status

Section	Status	Last Updated
Tutorials	🚧 In Progress	2025-01-08
How-To Guides	🚧 In Progress	2025-01-08
Reference	📝 Planned	-
Explanation	📝 Planned	-
Compliance	📝 Planned	-

Legend: ✅ Complete | 🚧 In Progress | 📝 Planned

---

📚 Additional Resources

• CLAUDE.md - Development guidance for Claude Code
• README.md - Project overview
• Archive - Deprecated/historical documentation

---

🤝 Contributing to Documentation

Found an error or want to improve these docs? See our Contributing Guide.

Documentation follows:

• Diátaxis framework
• Microsoft Writing Style Guide
• Markdown best practices