Compliance,
rebuilt by the people
who actually do it.
Supervisory is a free, community-built record system for DORA. Every requirement, control and piece of evidence — connected, contributed to, and shared by the practitioners who live in it.
One model. Every relationship preserved.
Built for the messy reality of group structures, third parties, and ICT estates that change daily.
Article browser
Every DORA article and RTS, expanded into requirements with mapped controls, evidence and current status across entities.
Canonical graph
Entities, ICT services, third parties, contracts, controls, incidents and evidence — a single graph, no spreadsheets.
Automated gap assessment
From your inventory and policies, every requirement is classified and the evidence to close each gap is proposed for you.
A new era of compliance.
Staying compliant should be easy, and the tools to make it so are now cheap to build. So they should be free to use.
Supervisory is maintained by Cardinal and built in the open with the practitioners who file the reports, run the tests, and answer the regulator's questions. The community shapes the roadmap and contributes the controls, the mappings, the connectors. Compliance stops being a tax — and becomes shared infrastructure.
Always free for teams.
Built in the open. Forkable.
Contributions belong to everyone.
Posture vs Policy.
Most platforms collapse intent and reality into a single number. Supervisory keeps them apart.
What your policies say should be true sits alongside what your live telemetry, tests and attestations show is true. The delta is your gap — surfaced on the dashboard, never buried in a quarterly review.
Free to use. Built with you.
Spin up a workspace, import your entities, and have an article-by-article posture in an afternoon — then help shape what Supervisory becomes next.