{"id":13415437,"url":"https://github.com/kindlyops/havengrc","last_synced_at":"2025-10-07T01:30:43.388Z","repository":{"id":49553474,"uuid":"68644868","full_name":"kindlyops/havengrc","owner":"kindlyops","description":"☁️Haven GRC - easier governance, risk, and compliance 👨‍⚕️👮‍♀️🦸‍♀️🕵️‍♀️👩‍🔬","archived":true,"fork":false,"pushed_at":"2021-06-14T20:01:54.000Z","size":165217,"stargazers_count":97,"open_issues_count":1,"forks_count":21,"subscribers_count":15,"default_branch":"master","last_synced_at":"2024-10-01T15:08:46.994Z","etag":null,"topics":["asset-management","bioinformatics","compliance","devops","devsecops","elm","ferpa","finra","fisma","gdpr","group-cognition","hipaa","risk-assessment","risk-management","vendor-management"],"latest_commit_sha":null,"homepage":"https://www.havengrc.com","language":"JavaScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/kindlyops.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":"CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":".github/CODEOWNERS","security":"SECURITY.md","support":null}},"created_at":"2016-09-19T20:43:13.000Z","updated_at":"2024-08-22T09:37:41.000Z","dependencies_parsed_at":"2022-08-20T05:21:54.944Z","dependency_job_id":null,"html_url":"https://github.com/kindlyops/havengrc","commit_stats":null,"previous_names":["kindlyops/mappamundi"],"tags_count":3,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/kindlyops%2Fhavengrc","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/kindlyops%2Fhavengrc/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/kindlyops%2Fhavengrc/releases","manifests_url":"https://repos.ecosy
ste.ms/api/v1/hosts/GitHub/repositories/kindlyops%2Fhavengrc/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/kindlyops","download_url":"https://codeload.github.com/kindlyops/havengrc/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":235569499,"owners_count":19011184,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["asset-management","bioinformatics","compliance","devops","devsecops","elm","ferpa","finra","fisma","gdpr","group-cognition","hipaa","risk-assessment","risk-management","vendor-management"],"created_at":"2024-07-30T21:00:48.736Z","updated_at":"2025-10-07T01:30:38.337Z","avatar_url":"https://github.com/kindlyops.png","language":"JavaScript","readme":"[![CircleCI](https://circleci.com/gh/kindlyops/havengrc.svg?style=svg)](https://circleci.com/gh/kindlyops/havengrc) [![experimental](http://badges.github.io/stability-badges/dist/experimental.svg)](http://github.com/badges/stability-badges) [![Say Thanks!](https://img.shields.io/badge/Say%20Thanks-!-1EAEDB.svg)](https://saythanks.io/to/statik) [![Maintainability](https://api.codeclimate.com/v1/badges/d2af9dcd5ad434172a27/maintainability)](https://codeclimate.com/github/kindlyops/havengrc/maintainability)[![FOSSA Status](https://app.fossa.io/api/projects/git%2Bgithub.com%2Fkindlyops%2Fhavengrc.svg?type=shield)](https://app.fossa.io/projects/git%2Bgithub.com%2Fkindlyops%2Fhavengrc?ref=badge_shield)\n[![All Contributors](https://img.shields.io/badge/all_contributors-10-orange.svg?style=flat-square)](#contributors-)\n\n# Haven GRC 
is a modern risk \u0026 compliance dashboard\n\nWe help organizations avoid getting bogged down in rules that no longer make sense by integrating modern tools and practices without abandoning responsible oversight and administrative controls.\n\nBy prioritizing people and culture (beliefs and assumptions aka mental models) over prescriptive checklists, we build resilience and cut down on toil.\n\n### What does Haven GRC do?\n\n-   Measures and reports on key security metrics, such as SCDS and FORCE.\n-   Guided tool for performing scenario-based risk analysis as required by NIST CSF. Risk analysis modules based on FAIR topology for quantitative risk estimation.\n-   Calibration exercises for subject matter experts. Subject matter experts provide estimates based on their expert judgement, calibration training improves accuracy of estimates.\n-   Tamper proof evidence store for compliance artifacts. Examples include risk acceptance documents, attestations of management oversight task completion, and third-party security assessment reports. Make your audits much easier!\n\n\n\u003cdetails\u003e\u003csummary\u003e\nFuture roadmap\n\u003c/summary\u003e\n\n-   Custom risk analysis models to support domains where subject matter experts have specific insights into the probability distribution of threats or losses\n-   Guided tool for performing controls assessments\n-   Features for Vendor Risk Management\n\u003c/details\u003e\n\n\u003cdetails\u003e\u003csummary\u003e\nComplementary tools\n\u003c/summary\u003e\nApplications and frameworks that are complementary to Haven. We would prefer to integrate with rather than compete against these tools. 
They are great!\n\n-   IT asset management with [SnipeIT](https://snipeitapp.com)\n-   FISMA, NIST 800-53, NIST RMF, DFARS 800-171 documentation preparation for Authority To Operate [GovReady](https://govready.com)\n-   SOC2 documentation and workflow assistance with [Comply](https://github.com/strongdm/comply)\n-   Controls frameworks such as CIS Top 20 and NIST CSF\n\u003c/details\u003e\n\n## ![screenshot of app](demo2.png)\n\n## Table of Contents\n\n\u003c!--ts--\u003e\n- [Haven GRC is a modern risk \u0026 compliance dashboard](#Haven-GRC-is-a-modern-risk--compliance-dashboard)\n    - [What does Haven GRC do?](#What-does-Haven-GRC-do)\n  - [!screenshot of app](#screenshot-of-app)\n  - [Table of Contents](#Table-of-Contents)\n  - [thank you to vendors that support the project](#thank-you-to-vendors-that-support-the-project)\n  - [setting up the dev environment](#setting-up-the-dev-environment)\n    - [Tmux](#Tmux)\n    - [Windows users](#Windows-users)\n  - [running the service](#running-the-service)\n    - [to access the main webUI](#to-access-the-main-webUI)\n    - [to access keycloak](#to-access-keycloak)\n    - [to access the GitBook documentation site](#to-access-the-GitBook-documentation-site)\n    - [to see emails sent from Haven / keycloak](#to-see-emails-sent-from-Haven--keycloak)\n    - [Background jobs](#Background-jobs)\n    - [Monitoring activity with Grafana](#Monitoring-activity-with-Grafana)\n    - [Security scanning with Zed Attack Proxy](#Security-scanning-with-Zed-Attack-Proxy)\n    - [Bazel](#Bazel)\n  - [Developer tips](#Developer-tips)\n    - [look around inside the database](#look-around-inside-the-database)\n    - [Run Go Buffalo tasks](#Run-Go-Buffalo-tasks)\n    - [to export keycloak realm data (to refresh the dev users)](#to-export-keycloak-realm-data-to-refresh-the-dev-users)\n    - [To clear local storage in Chrome for your local site](#To-clear-local-storage-in-Chrome-for-your-local-site)\n    - [Testing on a real mobile 
device](#Testing-on-a-real-mobile-device)\n    - [add a database migration](#add-a-database-migration)\n  - [Authentication with JWT and Keycloak](#Authentication-with-JWT-and-Keycloak)\n    - [architecture](#architecture)\n    - [roles and permissions](#roles-and-permissions)\n    - [multi-tenancy](#multi-tenancy)\n    - [Low level JWT interactions](#Low-level-JWT-interactions)\n  - [Learning Elm](#Learning-Elm)\n    - [Design framework and tooling](#Design-framework-and-tooling)\n    - [WebUI testing with Cypress](#WebUI-testing-with-Cypress)\n  - [Working with RMarkdown templates](#Working-with-RMarkdown-templates)\n  - [Deploying with kubernetes / OpenShift](#Deploying-with-kubernetes--OpenShift)\n    - [Using OpenShift](#Using-OpenShift)\n    - [Database resource](#Database-resource)\n    - [TLS](#TLS)\n  - [License](#License)\n\n\u003c!--te--\u003e\n## thank you to vendors that support the project\n\nWe use [BrowserStack](http://browserstack.com) to efficiently check cross-browser compatibility while building Haven. We are using snyk.io and codeclimate.com for static scanning. Thank you for providing free services to open source projects!\n\n\u003c!-- markdownlint-disable MD033 --\u003e\n[\u003cimg height=\"53\" src=\"https://p3.zdusercontent.com/attachment/1015988/xfvLD5CuyeUcq2i40RYcw494H?token=eyJhbGciOiJkaXIiLCJlbmMiOiJBMTI4Q0JDLUhTMjU2In0..BvyIxRLJz4phFf7cbIr8_Q.Fl9BR-ARcgvq38p546lM4djFcalediYWQaXV1_U_xi_zr5stXNUKLQNkTt-2zQbXWIIffLSoG8dUSZqL-GsqaTMbBX8OZi14qIHWmBIOPoRmyhwIcQfYIa79ngad69fKDltmq2H2KKWLByI-NWE9ygYpNs2IAXOQ72NICuWLbSyXIDGFVsq5VlV5ok7iCY0WxwXzIAiHbFu_BPufmP951-dpnBIGJAl4KfGk0eSbHKDOYvVkqHU2yZvNL8itCqkThmE7WNgPCS_KL6TyQiPxUQ.0ypOzE6XBmafR82vKRcIKg\"\u003e](http://browserstack.com/)\n\n## setting up the dev environment\n\nThe db schema and migrations are managed using flyway. 
The PostgreSQL server, the PostgREST API server, and the flyway tool are all run from docker containers to reduce the need for local toolchain installation (java, haskell, postgresql)\n\nTo check and see if you have docker available and set up\n\n    docker -v\n    docker-compose -v\n    docker info\n\nIf you don't have docker running, use [these instructions](https://docs.docker.com/docker-for-mac/). At the time of writing, this is working fine with docker 1.12.\n\n### Tmux\n\nWe have a tmux session defined with https://github.com/tmux-python/tmuxp/ which may make it easier to monitor logs as you work. This is also handy if you want to do development on a remote VM.\n\n    pip install --user tmuxp\n    tmuxp load ~/go/src/github.com/kindlyops/havengrc\n\n### Windows users\n\nBefore you continue, you need to configure git to auto-correct line ending formats:\n\n     git config --global core.autocrlf false\n\nDocker versions prior to 18.0.9.0 have a bug on Windows. To work around the bug,\nset this in your PowerShell before invoking docker\n\n    $Env:COMPOSE_CONVERT_WINDOWS_PATHS=1\n\nThis workaround is described in the [GitHub issue](https://github.com/docker/for-win/issues/1829#issuecomment-376928286).\n\n## running the service\n\nYou will normally run all the services using:\n\n    docker-compose up\n    docker-compose run flyway # applies database migrations\n\nFrom this point on, you should just be able to use docker-compose up/down normally. Move on to access the main webUI in the next section.\n\n### to access the main webUI\n\nOpen [dev.havengrc.com](http://dev.havengrc.com/), click the login button. You can login with user1\\@havengrc.com/password or user2\\@havengrc.com/password. 
User2 will prompt you to configure 2Factor authentication.\n\nIf you cannot connect to [dev.havengrc.com](http://dev.havengrc.com), try getting the docker machine ip using the command `docker-machine ip default` and use that instead.\n\n### to access keycloak\n\nOpen [localhost:2015/auth/](http://localhost:2015/auth/), you can sign in with admin/admin\n\n### to access the GitBook documentation site\n\nOpen [docs.dev.havengrc.com](http://docs.dev.havengrc.com/)\n\n### to see emails sent from Haven / keycloak\n\nOpen [mailhog.dev.havengrc.com](http://mailhog.dev.havengrc.com), you can use mailhog to see messages stored in memory\n\n### Background jobs\n\nThe background job worker system is Faktory. You can view the webui in development by opening http://localhost:7420\n\nThe credentials for the faktory webui in the dev environment are\n\n    faktory / fassword\n\nYou can monitor jobs as they are submitted and run. The workers run in separate containers.\n\n### Monitoring activity with Grafana\n\nThere is a grafana dashboard that you can view at [localhost:3500](http://localhost:3500/). The username is admin and the password is foobar.\n\n### Security scanning with Zed Attack Proxy\n\nYou can run the ZAP baseline scan with\n\n    docker-compose run zap\n\n### Bazel\n\nWe are experimenting with the bazel build tool. 
Get it from https://bazel.build/\n\nTo build the keycloak service providers jar\n\n    bazel build //keycloak-service-providers:spi_deploy.jar\n\n## Developer tips\n\n### look around inside the database\n\nThe psql client is installed in the flyway image, and can connect to the DB server running in the database container.\n\n    docker-compose run --entrypoint=\"psql -h db -U postgres mappamundi_dev\" flyway\n    \\l                          # list databases in this server\n    \\dn                         # show the schemas\n    \\dt mappa.*                 # show the tables in the mappa schema\n    SET ROLE member;            # assume the member role\n    SELECT * from foo LIMIT 1;  # run arbitrary queries\n    \\q                          # disconnect\n\nWe also have pgadmin4 running on http://localhost:8081. You can sign in using user1\\@havengrc.com/password. Once inside pgadmin4, you will need to add a server, the server hostname is 'db' and the credentials are postgres/postgres.\n\n### Run Go Buffalo tasks\n\nTo see the grift tasks defined in havenapi, run this buffalo command\n\n    docker-compose run havenapi buffalo task list\n\nTo run a create_slide task and save it for a user run this command\n\n    docker-compose run havenapi buffalo task files:create_slide $SURVEYID $USEREMAIL\n\nThe above command will create a slide for the user email address provided.\n\n### to export keycloak realm data (to refresh the dev users)\n\nAfter keycloak is running and you have made any desired config changes:\n\n    docker-compose exec keycloak /opt/jboss/keycloak/bin/standalone.sh \\\n      -Dkeycloak.migration.action=export \\\n      -Dkeycloak.migration.provider=singleFile \\\n      -Dkeycloak.migration.file=/keycloak/havendev-realm.json \\\n      -Djboss.http.port=8888 \\\n      -Djboss.https.port=9999 \\\n      -Djboss.management.http.port=7777\n\n### To clear local storage in Chrome for your local site\n\nSometimes messing with logins and cookies you get stuff 
corrupted and need to invalidate a session/drop some cookies/tokens that were in localstorage. Visit chrome://settings/cookies\\#cont and search for localhost.\n\n### Testing on a real mobile device\n\nIt's often useful to test your dev code on a variety of real world phones and tablets so you can confirm UI behavior. The easiest way to do this is with a tool called [ngrok](https://ngrok.com). ngrok creates a public URL to a local webserver. If you use ngrok, it's worth signing up for the free plan at least. You will be able to inspect the traffic going over the tunnel, and use http auth credentials to protect access to your tunnel and those you share it with.\n\nIf you have a free ngrok plan, something like this should work\n\n    ngrok http -auth \"user:password\" 2015\n\nIf you have a paid ngrok plan, something like this should work\n\n    ngrok http -auth \"user:password\" -subdomain=$USER-haven 2015\n\n### add a database migration\n\nAdd a new sql file in flyway/sql, following the naming convention for versions.\n\n``` {.sql}\nCREATE TABLE mappa.foo\n(\n  name text NOT NULL PRIMARY KEY\n);\n```\n\n    docker-compose run flyway # applies migrations\n    docker-compose run flyway # reverts last migration\n    # repeat until satisfied\n    git add .\n    git commit -m \"Adding foo table\"\n\n## Authentication with JWT and Keycloak\n\n### architecture\n\nWe use Keycloak and OpenID for Authorization. Google, GitHub, and other\nidentity providers such as LDAP/Active Directory may be configured as\nKeycloak identity providers. Here is the basic flow\n\n![](docs/plantuml/havengrc.png)\n\n### roles and permissions\n\nKeycloak has sophisticated support for realms, roles, client roles, and custom mappers. For now, we use a simple scheme of a custom user attribute called role. role must be set to \"member\" or \"admin\", and a custom mapper has been configured so that a role claim will be included in the JWT access token. 
PostgREST will check the role claim and switch to the member or admin role defined in PostgREST. Inside the database, fields can access other parts of the JWT to store user identity.\n\n### multi-tenancy\n\nMulti-tenancy is still a work in progress. Initially we will use a single Keycloak realm, and enhance the signup flow to create an organization-per-user. Initially there will be no real organization support, but we will record organization\\_id along with user\\_id for all data stored. Later we will add support for creating organizations/teams, and will allow users to be a member of multiple organizations. They will only be able to have a single organization active at a time in a login session, and so we'll need an additional page in the login flow to allow the user to select which organization they are activating (once authentication completes).\n\n### Low level JWT interactions\n\nIn order to be able to get a token for a user, the user must have no pending actions in keycloak (like email verification or password change). 
To exchange a username and password for a Keycloak JWT token with curl:\n\n    TOKEN=`curl -s --data \\\n    \"grant_type=password\u0026client_id=havendev\u0026scope=openid\u0026username=user1@havengrc.com\u0026password=password\"\\\n    http://localhost:2015/auth/realms/havendev/protocol/openid-connect/token \\\n    | jq -r '.access_token'`\n\nWe also have a shortcut helper script you can use\n\n    export TOKEN=`./get-token`\n\nThen you can use that token by passing it in an Authorization header:\n\n    curl -v -H \"Authorization: Bearer $TOKEN\" http://localhost:3001/comment\n\nTo read a file from the database:\n\n    curl -H \"Authorization: Bearer $TOKEN\" -H \"Accept: application/octet-stream\" \\\n     http://localhost:3001/file?select=file --output result.pdf\n\nTo upload a file to the database via havenapi:\n\n    curl -X POST -H \"Authorization: Bearer $TOKEN\" -F \"name=filename.pdf\" \\\n      -F \"file=@apitest/features/minimal.pdf\" \\\n      http://localhost:3000/api/reports\n\nTo get the content-disposition header set with the filename prefilled:\n\n    curl -H \"Authorization: Bearer $TOKEN\"  http://localhost:3001/files?select=uuid,name\n\n    curl -H \"Authorization: Bearer $TOKEN\" -H \"Accept: application/octet-stream\" \\\n     http://localhost:3001/rpc/download_file?fileid=2a4eae80-9117-426d-a422-2be242757262 --output result2.pdf\n\nYou can decode the token to inspect the contents at jwt.io. 
You will need to get the public cert from the Keycloak Admin interface: Havendev-\\\u003eRealm Settings-\\\u003eKeys-\\\u003ePublic Key and enter it into the jwt.io page to decode the token.\n\n### Low level network debugging\n\nTo inspect network traffic received by Keycloak for debugging complex network\nproxy issues, you can exec a shell inside the keycloak container and run ngrep.\n\n    docker exec -u 0 -it keycloak bash\n    ngrep -q -W byline port 8080\n\n## Learning Elm\n\n16 minute video by Richard Feldman that explains the framework architecture choices that Elm makes compared to jQuery and Flux. [From jQuery to Flux to Elm](https://www.youtube.com/watch?v=NgwQHGqIMbw).\n\nElm is also a language that compiles to javascript. Here are some resources for learning Elm. In particular, the DailyDrip course is quite good, and provides several wonderful example applications that are MIT licensed and have been used to help bootstrap this application. You should subscribe to DailyDrip and support their work.\n\n-   [Free elm course](http://courses.knowthen.com/p/elm-for-beginners)\n-   Daily Drip has an [excellent elm course](https://www.dailydrip.com/topics/elm) that sends you a little bit of code each day to work on\n-   [Pragmatic Programmers course](https://pragmaticstudio.com/elm)\n-   [Frontend Masters elm workshop](https://frontendmasters.com/courses/intro-elm/)\n\n### Design framework and tooling\n\nWe are making use of the [Material Design](https://material.io/guidelines/) system as a base for our design. 
We are also using the implementation at [Daemonite](http://daemonite.github.io/material/).\n\nWithin the app we are using [SASS](http://sass-lang.com/), and the guidance from [Inverted Triangle CSS](https://www.xfive.co/blog/itcss-scalable-maintainable-css-architecture/) and [Reasonable CSS](http://rscss.io/) to try and keep the CSS manageable.\n\n### WebUI testing with Cypress\n\nWe are starting to use Cypress for some web ui testing.\n\nTo run interactive gui with a local cypress install outside of docker\n\n    cd webui\n    npm install -g @percy/cypress\n    npm run cypress:open\n\nTo run cypress automated inside docker (with video recordings saved)\n\n    ./dca run cypress\n\n## Working with RMarkdown templates\n\nTo test the Rmarkdown template, run\n\n    docker-compose run worker /home/havenuser/compilereport\n\n## Deploying with kubernetes / OpenShift\n\nBranches merged to master will push new docker images to the OpenShift cluster.\n\n### Using OpenShift\n\nTalk to your administrator about getting an OpenShift account set up. Once you have access to Kubernetes / OpenShift, you can use the `oc` command to interact with the platform and update Haven GRC deployments.\n\nTo get useful information to get oriented and find out what is happening:\n\n    oc whoami\n    oc project\n    oc status -v\n    oc get events\n\nHere is an example of running migrations in production with `oc` .\n\n    oc project haven-production\n    # check to see if the migration job is there.\n    oc get jobs\n    oc delete job flyway-migrate\n    oc create -f k8s/flyway-migration-job.yaml\n    # check the logs of the job to see if the migration ran ok\n\nOpenShift CLI versions vary depending on where you installed from. Installing via homebrew `brew install openshift-cli` on macOS is fresher than installing from the link in OpenShift web console. 
(We ran into a difference in command flags needed with different versions of `oc`).\n\n### Database resource\n\nIn your Kubernetes cluster there must be an ExternalName Service defined named `db`. If your administrator has already set this up, you can see the endpoint by running:\n\n    oc get services\n\nThere must also be secrets set up with the DB credentials.\n\n### TLS\n\nYou can provision certificates from Let's Encrypt in manual mode with certbot. The key material should be stored in a k8s secret which the havenweb pod loads as a volume so that Caddy can serve the certificate.\n\n    certbot certonly --manual --preferred-challenge=dns\n\n    # to verify if the dns challenge record has been published,\n    dig -t txt _acme-challenge.staging.havengrc.com\n\nOnce you complete the challenge and get the key material, edit the secret.\n\n    base64 -i /etc/letsencrypt/live/staging.havengrc.com/fullchain.pem | pbcopy\n    oc edit secrets/secretname\n\nReplace the values for fullkey.pem and privkey.pem with base64 encoded versions of the new certificates. 
Save and exit.\n\n\n## License\nHaven GRC is licensed under the Apache License 2.0\n\nPlease use it and enjoy!\n\n[![FOSSA Status](https://app.fossa.io/api/projects/git%2Bgithub.com%2Fkindlyops%2Fhavengrc.svg?type=large)](https://app.fossa.io/projects/git%2Bgithub.com%2Fkindlyops%2Fhavengrc?ref=badge_large)\n\n## Contributors ✨\n\nThanks goes to these wonderful people ([emoji key](https://allcontributors.org/docs/en/emoji-key)):\n\n\u003c!-- ALL-CONTRIBUTORS-LIST:START - Do not remove or modify this section --\u003e\n\u003c!-- prettier-ignore --\u003e\n\u003ctable\u003e\n  \u003ctr\u003e\n    \u003ctd align=\"center\"\u003e\u003ca href=\"https://github.com/nikita-abraham\"\u003e\u003cimg src=\"https://avatars2.githubusercontent.com/u/14129019?v=4\" width=\"100px;\" alt=\"Nikita Abraham\"/\u003e\u003cbr /\u003e\u003csub\u003e\u003cb\u003eNikita Abraham\u003c/b\u003e\u003c/sub\u003e\u003c/a\u003e\u003cbr /\u003e\u003ca href=\"#design-nikita-abraham\" title=\"Design\"\u003e🎨\u003c/a\u003e\u003c/td\u003e\n    \u003ctd align=\"center\"\u003e\u003ca href=\"https://github.com/adplusverb\"\u003e\u003cimg src=\"https://avatars2.githubusercontent.com/u/6987835?v=4\" width=\"100px;\" alt=\"Aaron\"/\u003e\u003cbr /\u003e\u003csub\u003e\u003cb\u003eAaron\u003c/b\u003e\u003c/sub\u003e\u003c/a\u003e\u003cbr /\u003e\u003ca href=\"#design-adplusverb\" title=\"Design\"\u003e🎨\u003c/a\u003e\u003c/td\u003e\n    \u003ctd align=\"center\"\u003e\u003ca href=\"https://www.romanskydesigns.com/\"\u003e\u003cimg src=\"https://avatars0.githubusercontent.com/u/26156964?v=4\" width=\"100px;\" alt=\"Austin Romansky\"/\u003e\u003cbr /\u003e\u003csub\u003e\u003cb\u003eAustin Romansky\u003c/b\u003e\u003c/sub\u003e\u003c/a\u003e\u003cbr /\u003e\u003ca href=\"#design-Romansky1987\" title=\"Design\"\u003e🎨\u003c/a\u003e\u003c/td\u003e\n    \u003ctd align=\"center\"\u003e\u003ca href=\"https://github.com/Halfwintr\"\u003e\u003cimg src=\"https://avatars0.githubusercontent.com/u/249198?v=4\" 
width=\"100px;\" alt=\"Hiromi Matsumoto\"/\u003e\u003cbr /\u003e\u003csub\u003e\u003cb\u003eHiromi Matsumoto\u003c/b\u003e\u003c/sub\u003e\u003c/a\u003e\u003cbr /\u003e\u003ca href=\"#design-Halfwintr\" title=\"Design\"\u003e🎨\u003c/a\u003e\u003c/td\u003e\n    \u003ctd align=\"center\"\u003e\u003ca href=\"https://www.kindlyops.com\"\u003e\u003cimg src=\"https://avatars2.githubusercontent.com/u/983?v=4\" width=\"100px;\" alt=\"Elliot Murphy\"/\u003e\u003cbr /\u003e\u003csub\u003e\u003cb\u003eElliot Murphy\u003c/b\u003e\u003c/sub\u003e\u003c/a\u003e\u003cbr /\u003e\u003ca href=\"#business-statik\" title=\"Business development\"\u003e💼\u003c/a\u003e\u003c/td\u003e\n    \u003ctd align=\"center\"\u003e\u003ca href=\"https://github.com/crashGoBoom\"\u003e\u003cimg src=\"https://avatars0.githubusercontent.com/u/17323411?v=4\" width=\"100px;\" alt=\"Christopher Mundus\"/\u003e\u003cbr /\u003e\u003csub\u003e\u003cb\u003eChristopher Mundus\u003c/b\u003e\u003c/sub\u003e\u003c/a\u003e\u003cbr /\u003e\u003ca href=\"https://github.com/kindlyops/havengrc/commits?author=crashGoBoom\" title=\"Code\"\u003e💻\u003c/a\u003e\u003c/td\u003e\n    \u003ctd align=\"center\"\u003e\u003ca href=\"https://github.com/laurencaitlan\"\u003e\u003cimg src=\"https://avatars2.githubusercontent.com/u/17053034?v=4\" width=\"100px;\" alt=\"Lauren Behan\"/\u003e\u003cbr /\u003e\u003csub\u003e\u003cb\u003eLauren Behan\u003c/b\u003e\u003c/sub\u003e\u003c/a\u003e\u003cbr /\u003e\u003ca href=\"https://github.com/kindlyops/havengrc/commits?author=laurencaitlan\" title=\"Code\"\u003e💻\u003c/a\u003e\u003c/td\u003e\n  \u003c/tr\u003e\n  \u003ctr\u003e\n    \u003ctd align=\"center\"\u003e\u003ca href=\"https://davidstreeterconsulting.com\"\u003e\u003cimg src=\"https://avatars2.githubusercontent.com/u/6311278?v=4\" width=\"100px;\" alt=\"David Streeter\"/\u003e\u003cbr /\u003e\u003csub\u003e\u003cb\u003eDavid Streeter\u003c/b\u003e\u003c/sub\u003e\u003c/a\u003e\u003cbr /\u003e\u003ca 
href=\"https://github.com/kindlyops/havengrc/commits?author=dstreet26\" title=\"Code\"\u003e💻\u003c/a\u003e\u003c/td\u003e\n    \u003ctd align=\"center\"\u003e\u003ca href=\"https://github.com/knmurphy\"\u003e\u003cimg src=\"https://avatars0.githubusercontent.com/u/2067836?v=4\" width=\"100px;\" alt=\"Kevin N. Murphy\"/\u003e\u003cbr /\u003e\u003csub\u003e\u003cb\u003eKevin N. Murphy\u003c/b\u003e\u003c/sub\u003e\u003c/a\u003e\u003cbr /\u003e\u003ca href=\"https://github.com/kindlyops/havengrc/commits?author=knmurphy\" title=\"Code\"\u003e💻\u003c/a\u003e\u003c/td\u003e\n    \u003ctd align=\"center\"\u003e\u003ca href=\"http://joelclermont.com\"\u003e\u003cimg src=\"https://avatars0.githubusercontent.com/u/298100?v=4\" width=\"100px;\" alt=\"Joel Clermont\"/\u003e\u003cbr /\u003e\u003csub\u003e\u003cb\u003eJoel Clermont\u003c/b\u003e\u003c/sub\u003e\u003c/a\u003e\u003cbr /\u003e\u003ca href=\"https://github.com/kindlyops/havengrc/commits?author=joelclermont\" title=\"Code\"\u003e💻\u003c/a\u003e\u003c/td\u003e\n    \u003ctd align=\"center\"\u003e\u003ca href=\"http://www.winstonhearn.com\"\u003e\u003cimg src=\"https://avatars2.githubusercontent.com/u/779882?v=4\" width=\"100px;\" alt=\"Winston Hearn\"/\u003e\u003cbr /\u003e\u003csub\u003e\u003cb\u003eWinston Hearn\u003c/b\u003e\u003c/sub\u003e\u003c/a\u003e\u003cbr /\u003e\u003ca href=\"https://github.com/kindlyops/havengrc/commits?author=wnstn\" title=\"Code\"\u003e💻\u003c/a\u003e\u003c/td\u003e\n    \u003ctd align=\"center\"\u003e\u003ca href=\"https://github.com/kindlyseth\"\u003e\u003cimg src=\"https://avatars1.githubusercontent.com/u/16927189?v=4\" width=\"100px;\" alt=\"Seth Klein\"/\u003e\u003cbr /\u003e\u003csub\u003e\u003cb\u003eSeth Klein\u003c/b\u003e\u003c/sub\u003e\u003c/a\u003e\u003cbr /\u003e\u003ca href=\"#ideas-kindlyseth\" title=\"Ideas, Planning, \u0026 Feedback\"\u003e🤔\u003c/a\u003e \u003ca href=\"https://github.com/kindlyops/havengrc/commits?author=kindlyseth\" 
title=\"Code\"\u003e💻\u003c/a\u003e\u003c/td\u003e\n    \u003ctd align=\"center\"\u003e\u003ca href=\"https://stoltenb.org/\"\u003e\u003cimg src=\"https://avatars3.githubusercontent.com/u/39569?v=4\" width=\"100px;\" alt=\"John Stoltenborg\"/\u003e\u003cbr /\u003e\u003csub\u003e\u003cb\u003eJohn Stoltenborg\u003c/b\u003e\u003c/sub\u003e\u003c/a\u003e\u003cbr /\u003e\u003ca href=\"https://github.com/kindlyops/havengrc/commits?author=tlots\" title=\"Code\"\u003e💻\u003c/a\u003e \u003ca href=\"#ideas-tlots\" title=\"Ideas, Planning, \u0026 Feedback\"\u003e🤔\u003c/a\u003e\u003c/td\u003e\n  \u003c/tr\u003e\n\u003c/table\u003e\n\n\u003c!-- ALL-CONTRIBUTORS-LIST:END --\u003e\n\nThis project follows the [all-contributors](https://github.com/all-contributors/all-contributors) specification. Contributions of any kind welcome!","funding_links":[],"categories":["Compliance Management System"],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fkindlyops%2Fhavengrc","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fkindlyops%2Fhavengrc","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fkindlyops%2Fhavengrc/lists"}