The Audit Room

Insights on compliance, AI, security, and governance.

The Cyber Resilience Act Explained: What Software and Technology Companies Need to Know
Featured analysis

The Cyber Resilience Act Explained: What Software and Technology Companies Need to Know

Kodex-Compliance|14 July 2026|12 min read

Latest articles

Kodex Compliance at Venturethon 10
Frameworks|1 min read

Kodex Compliance at Venturethon 10

Jeremiah Matador, Founder and CEO of Kodex Compliance, will be pitching at Venturethon 10 with Soonami. Kodex Compliance helps startups and growing teams identify compliance gaps, organise evidence and prepare for customer, investor and regulatory expectations with a clear, practical approach.

6 July 2026
The EU AI Act Was Postponed. Here Is What Actually Changed
Frameworks|3 min read

The EU AI Act Was Postponed. Here Is What Actually Changed

The EU AI Act has not been cancelled. It has not disappeared. But part of its timeline has changed.

6 July 2026
The EU AI Act: What It Is, What It Means, and Why You Cannot Ignore It
Frameworks|5 min read

The EU AI Act: What It Is, What It Means, and Why You Cannot Ignore It

The world's first comprehensive legal framework for artificial intelligence is now in force. The EU AI Act (Regulation (EU) 2024/1689) is not a proposal, a recommendation, or a voluntary code of conduct. It is binding law. If your business develops, deploys, imports, or distributes AI systems that affect people in the European Union, this regulation may apply regardless of where your company is headquartered.

4 July 2026
Evidence readiness for the European Union Artificial Intelligence Act
Frameworks|6 min read

Evidence readiness for the European Union Artificial Intelligence Act

A practical guide to the evidence teams need before they can treat European Union Artificial Intelligence Act readiness as more than a checklist.

30 June 2026
Why compliance questionnaires should be generated from context
Questionnaires|5 min read

Why compliance questionnaires should be generated from context

Static questionnaires create noise. Context generated questionnaires can ask fewer questions and still collect stronger evidence.

28 June 2026
Documentation score and implementation score should not be the same
Evidence|4 min read

Documentation score and implementation score should not be the same

A single compliance percentage hides the difference between written process and working control evidence.

26 June 2026
Supplier compliance reviews need a clear working flow
Suppliers|5 min read

Supplier compliance reviews need a clear working flow

The supplier path should move from invite to assessment, review, resubmission, approval, and certificate without losing context.

24 June 2026
Audit packs should be frozen records, not live screens
Audit Packs|4 min read

Audit packs should be frozen records, not live screens

A final audit pack needs stable evidence, dates, scores, and reviewer decisions so it can support later review.

22 June 2026

Stay ahead of the curve

Practical notes on regulation changes, evidence readiness, supplier review, and audit pack design. No account needed, just your email.

Or follow with RSS