Available Tools

The Probo MCP Server provides 129 tools for managing compliance data. Tools are organized by resource type and follow consistent naming patterns.

Tool Categories

Tools are grouped into these categories:

• Organizations - Manage organizations
• Users - Manage team members
• Vendors - Track third-party vendors and suppliers
• Risks - Assess and manage risks
• Measures - Implement compliance controls
• Frameworks - Manage compliance frameworks
• Assets - Track organizational assets
• Data - Classify and manage data
• Nonconformities - Track compliance issues
• Obligations - Manage compliance obligations
• Processing Activities - Manage data processing activities (GDPR)
• Data Protection Impact Assessments - Manage DPIAs
• Transfer Impact Assessments - Manage TIAs
• Continual Improvements - Track improvements
• Audits - Manage compliance audits
• Controls - Manage framework controls
• Tasks - Track compliance tasks
• Snapshots - Point-in-time snapshots
• Documents - Manage policy documents and signatures
• Meetings - Track compliance meetings
• States of Applicability - Manage ISO 27001 SoA

Organizations

listOrganizations

🔍 Read-only

List all organizations the user has access to.

Parameters: {}

Returns: Array of organizations with ID, name, and metadata

Example:
AI: "What organizations do I have access to?"
    [Uses listOrganizations tool]

Users

listUsers

🔍 Read-only

List all users for the organization.

Parameters: {
  "organization_id": "org_xxx",
  "size": 50,
  "cursor": "optional_cursor"
}

Supports: Pagination, filtering
Returns: Array of users with roles and contact information, next_cursor for pagination

Example:
AI: "List all team members in my organization"
    [Uses listUsers tool]

getUser

🔍 Read-only

Get a user by ID (profile ID).

Parameters: {
  "organization_id": "org_xxx",
  "user_id": "user_xxx"
}

Returns: Full user details including role, department, and access permissions

Example:
AI: "Get details for user user_abc123"
    [Uses getUser tool]

createUser

✏️ Write

Create a new user in the organization.

Parameters: {
  "organization_id": "org_xxx",
  "email": "user@example.com",
  "full_name": "John Doe"
}

Returns: Created user object with generated ID

Example:
AI: "Create user john.doe@example.com in the organization"
    [Uses createUser tool]

inviteUser

✏️ Write

Invite a user (profile) to the organization.

Parameters: {
  "organization_id": "org_xxx",
  "email": "user@example.com"
}

Returns: Invitation object

Example:
AI: "Invite john.doe@example.com to the organization"
    [Uses inviteUser tool]

updateUser

✏️ Write

Update an existing user (profile).

Parameters: {
  "organization_id": "org_xxx",
  "user_id": "user_xxx",
  "full_name": "John Doe Updated"
}

Returns: Updated user object

Example:
AI: "Update user user_abc123 full name"
    [Uses updateUser tool]

updateMembership

✏️ Write

Update a membership role.

Parameters: {
  "organization_id": "org_xxx",
  "user_id": "user_xxx",
  "role": "ADMIN"
}

Returns: Updated membership object

Example:
AI: "Set user user_abc123 role to ADMIN"
    [Uses updateMembership tool]

removeUser

✏️ Write

Remove a user from the organization.

Parameters: {
  "organization_id": "org_xxx",
  "user_id": "user_xxx"
}

Returns: Confirmation of removal

Example:
AI: "Remove user user_abc123 from the organization"
    [Uses removeUser tool]

Vendors

listVendors

🔍 Read-only

List all vendors for the organization.

Parameters: {
  "organization_id": "org_xxx",
  "size": 50,
  "cursor": "optional_cursor",
  "filter": { "query": "search term" }
}

Supports: Pagination, search, filtering
Returns: Array of vendors with basic information, next_cursor for pagination

Example:
AI: "List all vendors"
    [Uses listVendors tool]
AI: "Find vendors matching 'cloud'"
    [Uses listVendors tool with query filter]

addVendor

✏️ Write

Add a new vendor to the organization.

Parameters: {
  "organization_id": "org_xxx",
  "name": "Vendor Name",
  "description": "Vendor description",
  "website": "https://vendor.com"
}

Returns: Created vendor object with generated ID

Example:
AI: "Add a new vendor called CloudBackup Inc that provides backup services"
    [Uses addVendor tool]

updateVendor

✏️ Write

Update an existing vendor.

Parameters: {
  "organization_id": "org_xxx",
  "vendor_id": "vendor_xxx",
  "name": "Updated Name",
  "description": "Updated description"
}

Returns: Updated vendor object

Example:
AI: "Update vendor vendor_abc123 to mark them as approved"
    [Uses updateVendor tool]

listVendorRiskAssessments

🔍 Read-only

List all risk assessments for a vendor.

Parameters: {
  "organization_id": "org_xxx",
  "vendor_id": "vendor_xxx",
  "size": 50,
  "cursor": "optional_cursor"
}

Returns: Array of risk assessments for the vendor

Example:
AI: "Show all risk assessments for vendor vendor_abc123"
    [Uses listVendorRiskAssessments tool]

addVendorRiskAssessment

✏️ Write

Add a new risk assessment for a vendor.

Parameters: {
  "organization_id": "org_xxx",
  "vendor_id": "vendor_xxx",
  "risk_level": "HIGH",
  "notes": "Assessment notes"
}

Returns: Created vendor risk assessment object

Example:
AI: "Add a HIGH risk assessment for vendor vendor_abc123"
    [Uses addVendorRiskAssessment tool]

Risks

listRisks

🔍 Read-only

List all risks with filtering and pagination.

Parameters: {
  "organization_id": "org_xxx",
  "size": 50,
  "cursor": "optional_cursor",
  "filter": {
    "query": "search term",
    "status": "OPEN",
    "min_residual_risk_score": 15
  },
  "order_by": { "field": "RESIDUAL_RISK_SCORE", "direction": "DESC" }
}

Supports: Pagination, search, filtering, sorting
Returns: Array of risks with scores and treatment status, next_cursor for pagination

Example:
AI: "Show me all high-priority risks"
    [Uses listRisks tool with filter]
AI: "List risks with a score above 15"
    [Uses listRisks tool with min_residual_risk_score filter]

getRisk

🔍 Read-only

Get detailed information about a specific risk.

Parameters: {
  "organization_id": "org_xxx",
  "risk_id": "risk_xxx"
}

Returns: Full risk details including assessment, mitigation, and history

Example:
AI: "Get details for risk risk_abc123"
    [Uses getRisk tool]

addRisk

✏️ Write

Add a new risk to the organization.

Parameters: {
  "organization_id": "org_xxx",
  "name": "Risk Name",
  "description": "Risk description",
  "likelihood": 5,
  "impact": 4,
  "treatment": "MITIGATE"
}

Returns: Created risk object with calculated risk scores

Example:
AI: "Add a risk for potential data breach with high likelihood and impact"
    [Uses addRisk tool]

updateRisk

✏️ Write

Update an existing risk assessment.

Parameters: {
  "organization_id": "org_xxx",
  "risk_id": "risk_xxx",
  "likelihood": 3,
  "impact": 3,
  "treatment": "ACCEPT"
}

Returns: Updated risk object with recalculated scores

Example:
AI: "Update risk risk_abc123 to set treatment as ACCEPT"
    [Uses updateRisk tool]

deleteRisk

✏️ Write

Delete a risk.

Parameters: {
  "organization_id": "org_xxx",
  "risk_id": "risk_xxx"
}

Returns: Confirmation of deletion

Example:
AI: "Delete risk risk_abc123"
    [Uses deleteRisk tool]

listRiskObligations

🔍 Read-only

List obligations linked to a risk.

Parameters: {
  "organization_id": "org_xxx",
  "risk_id": "risk_xxx"
}

Returns: Array of obligations associated with the risk

Example:
AI: "Show obligations linked to risk risk_abc123"
    [Uses listRiskObligations tool]

linkRisk

✏️ Write

Link a risk to a resource (document, measure, or obligation). The resource type is determined from the resource GID.

Parameters: {
  "organization_id": "org_xxx",
  "risk_id": "risk_xxx",
  "resource_id": "gid://resource_xxx"
}

Returns: Updated risk with new link

Example:
AI: "Link risk risk_abc123 to measure measure_abc123"
    [Uses linkRisk tool]

unlinkRisk

✏️ Write

Unlink a risk from a resource (document, measure, or obligation). The resource type is determined from the resource GID.

Parameters: {
  "organization_id": "org_xxx",
  "risk_id": "risk_xxx",
  "resource_id": "gid://resource_xxx"
}

Returns: Updated risk with link removed

Example:
AI: "Unlink risk risk_abc123 from measure measure_abc123"
    [Uses unlinkRisk tool]

Measures

listMeasures

🔍 Read-only

List all measures for the organization.

Parameters: {
  "organization_id": "org_xxx",
  "size": 50,
  "cursor": "optional_cursor",
  "filter": { "state": "IMPLEMENTED" }
}

Supports: Pagination, filtering by state
Returns: Array of measures with implementation status, next_cursor for pagination

Example:
AI: "List all implemented measures"
    [Uses listMeasures tool with state filter]
AI: "Show measures in PLANNED state"
    [Uses listMeasures tool with state=PLANNED filter]

getMeasure

🔍 Read-only

Get details of a specific measure.

Parameters: {
  "organization_id": "org_xxx",
  "measure_id": "measure_xxx"
}

Returns: Full measure details including evidence and history

Example:
AI: "Get details for measure measure_abc123"
    [Uses getMeasure tool]

addMeasure

✏️ Write

Add a new measure to the organization.

Parameters: {
  "organization_id": "org_xxx",
  "name": "Measure Name",
  "description": "Measure description",
  "state": "PLANNED"
}

Returns: Created measure object

Example:
AI: "Add a new measure for employee security training"
    [Uses addMeasure tool]

updateMeasure

✏️ Write

Update an existing measure.

Parameters: {
  "organization_id": "org_xxx",
  "measure_id": "measure_xxx",
  "state": "IMPLEMENTED",
  "evidence": "Implementation evidence"
}

Returns: Updated measure object

Example:
AI: "Update measure measure_abc123 to IMPLEMENTED state"
    [Uses updateMeasure tool]

deleteMeasure

✏️ Write

Delete a measure.

Parameters: {
  "organization_id": "org_xxx",
  "measure_id": "measure_xxx"
}

Returns: Confirmation of deletion

Example:
AI: "Delete measure measure_abc123"
    [Uses deleteMeasure tool]

listMeasureRisks

🔍 Read-only

List risks linked to a measure.

Parameters: {
  "organization_id": "org_xxx",
  "measure_id": "measure_xxx"
}

Returns: Array of risks associated with the measure

Example:
AI: "Show risks linked to measure measure_abc123"
    [Uses listMeasureRisks tool]

listMeasureControls

🔍 Read-only

List controls linked to a measure.

Parameters: {
  "organization_id": "org_xxx",
  "measure_id": "measure_xxx"
}

Returns: Array of controls associated with the measure

Example:
AI: "Show controls linked to measure measure_abc123"
    [Uses listMeasureControls tool]

listMeasureTasks

🔍 Read-only

List tasks linked to a measure.

Parameters: {
  "organization_id": "org_xxx",
  "measure_id": "measure_xxx"
}

Returns: Array of tasks associated with the measure

Example:
AI: "Show tasks for measure measure_abc123"
    [Uses listMeasureTasks tool]

listMeasureEvidences

🔍 Read-only

List evidences linked to a measure.

Parameters: {
  "organization_id": "org_xxx",
  "measure_id": "measure_xxx"
}

Returns: Array of evidences associated with the measure

Example:
AI: "Show evidences for measure measure_abc123"
    [Uses listMeasureEvidences tool]

linkMeasure

✏️ Write

Link a measure to a resource (control or risk). The resource type is determined from the resource GID.

Parameters: {
  "organization_id": "org_xxx",
  "measure_id": "measure_xxx",
  "resource_id": "gid://resource_xxx"
}

Returns: Updated measure with new link

Example:
AI: "Link measure measure_abc123 to control control_abc123"
    [Uses linkMeasure tool]

unlinkMeasure

✏️ Write

Unlink a measure from a resource (control or risk). The resource type is determined from the resource GID.

Parameters: {
  "organization_id": "org_xxx",
  "measure_id": "measure_xxx",
  "resource_id": "gid://resource_xxx"
}

Returns: Updated measure with link removed

Example:
AI: "Unlink measure measure_abc123 from control control_abc123"
    [Uses unlinkMeasure tool]

Frameworks

listFrameworks

🔍 Read-only

List compliance frameworks.

Parameters: {
  "organization_id": "org_xxx",
  "size": 50,
  "cursor": "optional_cursor"
}

Supports: Pagination
Returns: Array of frameworks (SOC 2, ISO 27001, etc.), next_cursor for pagination

Example:
AI: "List all compliance frameworks"
    [Uses listFrameworks tool]

getFramework

🔍 Read-only

Get framework details.

Parameters: {
  "organization_id": "org_xxx",
  "framework_id": "framework_xxx"
}

Returns: Framework details including requirements and compliance status

Example:
AI: "Get details for framework framework_abc123"
    [Uses getFramework tool]

addFramework

✏️ Write

Add a new compliance framework.

Parameters: {
  "organization_id": "org_xxx",
  "name": "SOC 2 Type II",
  "description": "Service Organization Control 2"
}

Returns: Created framework object

Example:
AI: "Add SOC 2 Type II framework"
    [Uses addFramework tool]

updateFramework

✏️ Write

Update an existing framework.

Parameters: {
  "organization_id": "org_xxx",
  "framework_id": "framework_xxx",
  "status": "IN_PROGRESS"
}

Returns: Updated framework object

Example:
AI: "Update framework framework_abc123 status to IN_PROGRESS"
    [Uses updateFramework tool]

Assets

listAssets

🔍 Read-only

List all organizational assets.

Parameters: {
  "organization_id": "org_xxx",
  "size": 50,
  "cursor": "optional_cursor",
  "filter": { "type": "SERVER" }
}

Supports: Pagination, filtering by type
Returns: Array of assets with classification, next_cursor for pagination

Example:
AI: "List all organizational assets"
    [Uses listAssets tool]
AI: "Show assets of type SERVER"
    [Uses listAssets tool with type filter]

getAsset

🔍 Read-only

Get asset details.

Parameters: {
  "organization_id": "org_xxx",
  "asset_id": "asset_xxx"
}

Returns: Full asset details including classification and ownership

Example:
AI: "Get details for asset asset_abc123"
    [Uses getAsset tool]

addAsset

✏️ Write

Add a new asset.

Parameters: {
  "organization_id": "org_xxx",
  "name": "Asset Name",
  "type": "SERVER",
  "classification": "CONFIDENTIAL"
}

Returns: Created asset object

Example:
AI: "Add a new server asset classified as CONFIDENTIAL"
    [Uses addAsset tool]

updateAsset

✏️ Write

Update asset information.

Parameters: {
  "organization_id": "org_xxx",
  "asset_id": "asset_xxx",
  "classification": "HIGHLY_CONFIDENTIAL"
}

Returns: Updated asset object

Example:
AI: "Update asset asset_abc123 classification to HIGHLY_CONFIDENTIAL"
    [Uses updateAsset tool]

Data

listData

🔍 Read-only

List data classifications.

Parameters: {
  "organization_id": "org_xxx",
  "size": 50,
  "cursor": "optional_cursor"
}

Supports: Pagination
Returns: Array of data classifications, next_cursor for pagination

Example:
AI: "List all data classifications"
    [Uses listData tool]

getDatum

🔍 Read-only

Get data classification details.

Parameters: {
  "organization_id": "org_xxx",
  "datum_id": "datum_xxx"
}

Returns: Data classification details and handling requirements

Example:
AI: "Get details for datum datum_abc123"
    [Uses getDatum tool]

addDatum

✏️ Write

Add a new data classification.

Parameters: {
  "organization_id": "org_xxx",
  "name": "Personal Data",
  "classification": "PII",
  "retention_period": "7 years"
}

Returns: Created data classification object

Example:
AI: "Add a new PII data classification with 7 year retention"
    [Uses addDatum tool]

updateDatum

✏️ Write

Update an existing data classification.

Parameters: {
  "organization_id": "org_xxx",
  "datum_id": "datum_xxx",
  "retention_period": "5 years"
}

Returns: Updated data classification object

Example:
AI: "Update datum datum_abc123 retention period to 5 years"
    [Uses updateDatum tool]

Nonconformities

listNonconformities

🔍 Read-only

List all nonconformities.

Parameters: {
  "organization_id": "org_xxx",
  "size": 50,
  "cursor": "optional_cursor",
  "filter": { "status": "OPEN" }
}

Supports: Pagination, filtering by status
Returns: Array of nonconformities, next_cursor for pagination

Example:
AI: "List all open nonconformities"
    [Uses listNonconformities tool with status filter]

getNonconformity

🔍 Read-only

Get nonconformity details.

Parameters: {
  "organization_id": "org_xxx",
  "nonconformity_id": "nonconf_xxx"
}

Returns: Full nonconformity details and remediation status

Example:
AI: "Get details for nonconformity nonconf_abc123"
    [Uses getNonconformity tool]

addNonconformity

✏️ Write

Add a new nonconformity.

Parameters: {
  "organization_id": "org_xxx",
  "title": "Nonconformity Title",
  "description": "Description",
  "severity": "HIGH"
}

Returns: Created nonconformity object

Example:
AI: "Add a nonconformity for missing password policy"
    [Uses addNonconformity tool]

updateNonconformity

✏️ Write

Update nonconformity status.

Parameters: {
  "organization_id": "org_xxx",
  "nonconformity_id": "nonconf_xxx",
  "status": "RESOLVED",
  "resolution": "Resolution details"
}

Returns: Updated nonconformity object

Example:
AI: "Mark nonconformity nonconf_abc123 as RESOLVED"
    [Uses updateNonconformity tool]

Obligations

listObligations

🔍 Read-only

List all obligations for the organization.

Parameters: {
  "organization_id": "org_xxx",
  "size": 50,
  "cursor": "optional_cursor",
  "filter": { "status": "PENDING" }
}

Supports: Pagination, filtering by status
Returns: Array of obligations with due dates, next_cursor for pagination

Example:
AI: "List all pending obligations"
    [Uses listObligations tool with status filter]

getObligation

🔍 Read-only

Get obligation details.

Parameters: {
  "organization_id": "org_xxx",
  "obligation_id": "oblig_xxx"
}

Returns: Full obligation details and completion status

Example:
AI: "Get details for obligation oblig_abc123"
    [Uses getObligation tool]

addObligation

✏️ Write

Add a new obligation.

Parameters: {
  "organization_id": "org_xxx",
  "title": "Obligation Title",
  "due_date": "2025-12-31",
  "description": "Description"
}

Returns: Created obligation object

Example:
AI: "Add an obligation for annual security review due Dec 31"
    [Uses addObligation tool]

updateObligation

✏️ Write

Update obligation status.

Parameters: {
  "organization_id": "org_xxx",
  "obligation_id": "oblig_xxx",
  "status": "COMPLETED",
  "completion_date": "2025-01-15"
}

Returns: Updated obligation object

Example:
AI: "Mark obligation oblig_abc123 as COMPLETED"
    [Uses updateObligation tool]

Processing Activities

listProcessingActivities

🔍 Read-only

List all processing activities for the organization.

Parameters: {
  "organization_id": "org_xxx",
  "size": 50,
  "cursor": "optional_cursor"
}

Supports: Pagination
Returns: Array of processing activities, next_cursor for pagination

Example:
AI: "List all data processing activities"
    [Uses listProcessingActivities tool]

getProcessingActivity

🔍 Read-only

Get a processing activity by ID.

Parameters: {
  "organization_id": "org_xxx",
  "processing_activity_id": "pa_xxx"
}

Returns: Full processing activity details

Example:
AI: "Get details for processing activity pa_abc123"
    [Uses getProcessingActivity tool]

addProcessingActivity

✏️ Write

Add a new processing activity to the organization.

Parameters: {
  "organization_id": "org_xxx",
  "name": "Customer Data Processing",
  "description": "Processing customer personal data"
}

Returns: Created processing activity object

Example:
AI: "Add a processing activity for customer data processing"
    [Uses addProcessingActivity tool]

updateProcessingActivity

✏️ Write

Update an existing processing activity.

Parameters: {
  "organization_id": "org_xxx",
  "processing_activity_id": "pa_xxx",
  "name": "Updated Name"
}

Returns: Updated processing activity object

Example:
AI: "Update processing activity pa_abc123 name"
    [Uses updateProcessingActivity tool]

deleteProcessingActivity

✏️ Write

Delete a processing activity.

Parameters: {
  "organization_id": "org_xxx",
  "processing_activity_id": "pa_xxx"
}

Returns: Confirmation of deletion

Example:
AI: "Delete processing activity pa_abc123"
    [Uses deleteProcessingActivity tool]

Data Protection Impact Assessments

listDataProtectionImpactAssessments

🔍 Read-only

List all data protection impact assessments (DPIAs) for the organization.

Parameters: {
  "organization_id": "org_xxx",
  "size": 50,
  "cursor": "optional_cursor"
}

Supports: Pagination
Returns: Array of DPIAs, next_cursor for pagination

Example:
AI: "List all DPIAs"
    [Uses listDataProtectionImpactAssessments tool]

getDataProtectionImpactAssessment

🔍 Read-only

Get a data protection impact assessment (DPIA) by ID.

Parameters: {
  "organization_id": "org_xxx",
  "dpia_id": "dpia_xxx"
}

Returns: Full DPIA details

Example:
AI: "Get details for DPIA dpia_abc123"
    [Uses getDataProtectionImpactAssessment tool]

addDataProtectionImpactAssessment

✏️ Write

Add a new data protection impact assessment (DPIA) for a processing activity.

Parameters: {
  "organization_id": "org_xxx",
  "processing_activity_id": "pa_xxx",
  "name": "DPIA for Customer Data"
}

Returns: Created DPIA object

Example:
AI: "Create a DPIA for processing activity pa_abc123"
    [Uses addDataProtectionImpactAssessment tool]

updateDataProtectionImpactAssessment

✏️ Write

Update an existing data protection impact assessment (DPIA).

Parameters: {
  "organization_id": "org_xxx",
  "dpia_id": "dpia_xxx",
  "status": "COMPLETED"
}

Returns: Updated DPIA object

Example:
AI: "Mark DPIA dpia_abc123 as COMPLETED"
    [Uses updateDataProtectionImpactAssessment tool]

deleteDataProtectionImpactAssessment

✏️ Write

Delete a data protection impact assessment (DPIA) by ID.

Parameters: {
  "organization_id": "org_xxx",
  "dpia_id": "dpia_xxx"
}

Returns: Confirmation of deletion

Example:
AI: "Delete DPIA dpia_abc123"
    [Uses deleteDataProtectionImpactAssessment tool]

Transfer Impact Assessments

listTransferImpactAssessments

🔍 Read-only

List all transfer impact assessments (TIAs) for the organization.

Parameters: {
  "organization_id": "org_xxx",
  "size": 50,
  "cursor": "optional_cursor"
}

Supports: Pagination
Returns: Array of TIAs, next_cursor for pagination

Example:
AI: "List all transfer impact assessments"
    [Uses listTransferImpactAssessments tool]

getTransferImpactAssessment

🔍 Read-only

Get a transfer impact assessment (TIA) by ID.

Parameters: {
  "organization_id": "org_xxx",
  "tia_id": "tia_xxx"
}

Returns: Full TIA details

Example:
AI: "Get details for TIA tia_abc123"
    [Uses getTransferImpactAssessment tool]

addTransferImpactAssessment

✏️ Write

Add a new transfer impact assessment (TIA) for a processing activity.

Parameters: {
  "organization_id": "org_xxx",
  "processing_activity_id": "pa_xxx",
  "destination_country": "US"
}

Returns: Created TIA object

Example:
AI: "Create a TIA for data transfer to the US for processing activity pa_abc123"
    [Uses addTransferImpactAssessment tool]

updateTransferImpactAssessment

✏️ Write

Update an existing transfer impact assessment (TIA).

Parameters: {
  "organization_id": "org_xxx",
  "tia_id": "tia_xxx",
  "status": "APPROVED"
}

Returns: Updated TIA object

Example:
AI: "Approve TIA tia_abc123"
    [Uses updateTransferImpactAssessment tool]

deleteTransferImpactAssessment

✏️ Write

Delete a transfer impact assessment (TIA).

Parameters: {
  "organization_id": "org_xxx",
  "tia_id": "tia_xxx"
}

Returns: Confirmation of deletion

Example:
AI: "Delete TIA tia_abc123"
    [Uses deleteTransferImpactAssessment tool]

Continual Improvements

listContinualImprovements

🔍 Read-only

List all continual improvements for the organization.

Parameters: {
  "organization_id": "org_xxx",
  "size": 50,
  "cursor": "optional_cursor"
}

Supports: Pagination
Returns: Array of improvement initiatives, next_cursor for pagination

Example:
AI: "List all improvement initiatives"
    [Uses listContinualImprovements tool]

getContinualImprovement

🔍 Read-only

Get a continual improvement by ID.

Parameters: {
  "organization_id": "org_xxx",
  "continual_improvement_id": "ci_xxx"
}

Returns: Full improvement details and progress

Example:
AI: "Get details for improvement ci_abc123"
    [Uses getContinualImprovement tool]

addContinualImprovement

✏️ Write

Add a new continual improvement to the organization.

Parameters: {
  "organization_id": "org_xxx",
  "title": "Improvement Title",
  "description": "Description",
  "target_date": "2025-06-30"
}

Returns: Created improvement object

Example:
AI: "Add improvement initiative to automate backups"
    [Uses addContinualImprovement tool]

updateContinualImprovement

✏️ Write

Update an existing continual improvement.

Parameters: {
  "organization_id": "org_xxx",
  "continual_improvement_id": "ci_xxx",
  "status": "IN_PROGRESS",
  "progress": 50
}

Returns: Updated improvement object

Example:
AI: "Update improvement ci_abc123 progress to 50%"
    [Uses updateContinualImprovement tool]

Audits

listAudits

🔍 Read-only

List all audits for the organization.

Parameters: {
  "organization_id": "org_xxx",
  "size": 50,
  "cursor": "optional_cursor",
  "filter": { "status": "ACTIVE" }
}

Supports: Pagination, filtering by status
Returns: Array of audits, next_cursor for pagination

Example:
AI: "List all active audits"
    [Uses listAudits tool with status filter]
AI: "Show completed audits"
    [Uses listAudits tool with status=COMPLETED filter]

getAudit

🔍 Read-only

Get audit details.

Parameters: {
  "organization_id": "org_xxx",
  "audit_id": "audit_xxx"
}

Returns: Full audit details including findings and scope

Example:
AI: "Get details for audit audit_abc123"
    [Uses getAudit tool]

addAudit

✏️ Write

Add a new audit.

Parameters: {
  "organization_id": "org_xxx",
  "title": "Audit Title",
  "audit_type": "INTERNAL",
  "scheduled_date": "2025-03-01"
}

Returns: Created audit object

Example:
AI: "Add an internal audit scheduled for March 1"
    [Uses addAudit tool]

updateAudit

✏️ Write

Update audit status and details.

Parameters: {
  "organization_id": "org_xxx",
  "audit_id": "audit_xxx",
  "status": "COMPLETED",
  "completion_date": "2025-03-15",
  "visible": true
}

Returns: Updated audit object

Example:
AI: "Mark audit audit_abc123 as COMPLETED"
    [Uses updateAudit tool]

Controls

listControls

🔍 Read-only

List all controls for the organization or framework.

Parameters: {
  "organization_id": "org_xxx",
  "framework_id": "framework_xxx",
  "size": 50,
  "cursor": "optional_cursor"
}

Supports: Pagination, filtering by framework
Returns: Array of controls, next_cursor for pagination

Example:
AI: "List all controls for framework framework_abc123"
    [Uses listControls tool]

getControl

🔍 Read-only

Get a control by ID.

Parameters: {
  "organization_id": "org_xxx",
  "control_id": "control_xxx"
}

Returns: Full control details

Example:
AI: "Get details for control control_abc123"
    [Uses getControl tool]

addControl

✏️ Write

Add a new control to a framework.

Parameters: {
  "organization_id": "org_xxx",
  "framework_id": "framework_xxx",
  "name": "Control Name",
  "description": "Control description"
}

Returns: Created control object

Example:
AI: "Add a control for access management to framework_abc123"
    [Uses addControl tool]

updateControl

✏️ Write

Update an existing control.

Parameters: {
  "organization_id": "org_xxx",
  "control_id": "control_xxx",
  "status": "IMPLEMENTED"
}

Returns: Updated control object

Example:
AI: "Update control control_abc123 to IMPLEMENTED"
    [Uses updateControl tool]

linkControlMeasure

✏️ Write

Link a measure to a control.

Parameters: {
  "organization_id": "org_xxx",
  "control_id": "control_xxx",
  "measure_id": "measure_xxx"
}

Returns: Updated control with new measure link

Example:
AI: "Link measure measure_abc123 to control control_abc123"
    [Uses linkControlMeasure tool]

unlinkControlMeasure

✏️ Write

Unlink a measure from a control.

Parameters: {
  "organization_id": "org_xxx",
  "control_id": "control_xxx",
  "measure_id": "measure_xxx"
}

Returns: Updated control with measure link removed

Example:
AI: "Unlink measure measure_abc123 from control control_abc123"
    [Uses unlinkControlMeasure tool]

linkControlDocument

✏️ Write

Link a document to a control.

Parameters: {
  "organization_id": "org_xxx",
  "control_id": "control_xxx",
  "document_id": "doc_xxx"
}

Returns: Updated control with new document link

Example:
AI: "Link document doc_abc123 to control control_abc123"
    [Uses linkControlDocument tool]

unlinkControlDocument

✏️ Write

Unlink a document from a control.

Parameters: {
  "organization_id": "org_xxx",
  "control_id": "control_xxx",
  "document_id": "doc_xxx"
}

Returns: Updated control with document link removed

Example:
AI: "Unlink document doc_abc123 from control control_abc123"
    [Uses unlinkControlDocument tool]

linkControlAudit

✏️ Write

Link an audit to a control.

Parameters: {
  "organization_id": "org_xxx",
  "control_id": "control_xxx",
  "audit_id": "audit_xxx"
}

Returns: Updated control with new audit link

Example:
AI: "Link audit audit_abc123 to control control_abc123"
    [Uses linkControlAudit tool]

unlinkControlAudit

✏️ Write

Unlink an audit from a control.

Parameters: {
  "organization_id": "org_xxx",
  "control_id": "control_xxx",
  "audit_id": "audit_xxx"
}

Returns: Updated control with audit link removed

Example:
AI: "Unlink audit audit_abc123 from control control_abc123"
    [Uses unlinkControlAudit tool]

linkControlSnapshot

✏️ Write

Link a snapshot to a control.

Parameters: {
  "organization_id": "org_xxx",
  "control_id": "control_xxx",
  "snapshot_id": "snapshot_xxx"
}

Returns: Updated control with new snapshot link

Example:
AI: "Link snapshot snapshot_abc123 to control control_abc123"
    [Uses linkControlSnapshot tool]

unlinkControlSnapshot

✏️ Write

Unlink a snapshot from a control.

Parameters: {
  "organization_id": "org_xxx",
  "control_id": "control_xxx",
  "snapshot_id": "snapshot_xxx"
}

Returns: Updated control with snapshot link removed

Example:
AI: "Unlink snapshot snapshot_abc123 from control control_abc123"
    [Uses unlinkControlSnapshot tool]

Tasks

listTasks

🔍 Read-only

List all tasks for the organization or measure.

Parameters: {
  "organization_id": "org_xxx",
  "measure_id": "measure_xxx",
  "size": 50,
  "cursor": "optional_cursor"
}

Supports: Pagination, filtering by measure
Returns: Array of tasks, next_cursor for pagination

Example:
AI: "List all tasks"
    [Uses listTasks tool]
AI: "Show tasks for measure measure_abc123"
    [Uses listTasks tool with measure_id filter]

getTask

🔍 Read-only

Get a task by ID.

Parameters: {
  "organization_id": "org_xxx",
  "task_id": "task_xxx"
}

Returns: Full task details

Example:
AI: "Get details for task task_abc123"
    [Uses getTask tool]

addTask

✏️ Write

Add a new task to the organization.

Parameters: {
  "organization_id": "org_xxx",
  "title": "Task Title",
  "description": "Task description",
  "due_date": "2025-06-30"
}

Returns: Created task object

Example:
AI: "Add a task to review access control policies"
    [Uses addTask tool]

updateTask

✏️ Write

Update an existing task.

Parameters: {
  "organization_id": "org_xxx",
  "task_id": "task_xxx",
  "status": "COMPLETED"
}

Returns: Updated task object

Example:
AI: "Mark task task_abc123 as COMPLETED"
    [Uses updateTask tool]

assignTask

✏️ Write

Assign a task to a person.

Parameters: {
  "organization_id": "org_xxx",
  "task_id": "task_xxx",
  "user_id": "user_xxx"
}

Returns: Updated task with assignee

Example:
AI: "Assign task task_abc123 to user user_abc123"
    [Uses assignTask tool]

unassignTask

✏️ Write

Unassign a task from a person.

Parameters: {
  "organization_id": "org_xxx",
  "task_id": "task_xxx",
  "user_id": "user_xxx"
}

Returns: Updated task with assignee removed

Example:
AI: "Unassign task task_abc123 from user user_abc123"
    [Uses unassignTask tool]

deleteTask

✏️ Write

Delete a task.

Parameters: {
  "organization_id": "org_xxx",
  "task_id": "task_xxx"
}

Returns: Confirmation of deletion

Example:
AI: "Delete task task_abc123"
    [Uses deleteTask tool]

Snapshots

listSnapshots

🔍 Read-only

List all snapshots for the organization.

Parameters: {
  "organization_id": "org_xxx",
  "size": 50,
  "cursor": "optional_cursor"
}

Supports: Pagination
Returns: Array of snapshots, next_cursor for pagination

Example:
AI: "List all compliance snapshots"
    [Uses listSnapshots tool]

getSnapshot

🔍 Read-only

Get a snapshot by ID.

Parameters: {
  "organization_id": "org_xxx",
  "snapshot_id": "snapshot_xxx"
}

Returns: Full snapshot details

Example:
AI: "Get details for snapshot snapshot_abc123"
    [Uses getSnapshot tool]

takeSnapshot

✏️ Write

Take a snapshot of a collection of objects (risks, vendors, assets, data, nonconformities, obligations, continual improvements, or processing activities).

Parameters: {
  "organization_id": "org_xxx",
  "resource_type": "risks",
  "name": "Q1 2025 Risk Snapshot"
}

Returns: Created snapshot object

Example:
AI: "Take a snapshot of all current risks"
    [Uses takeSnapshot tool]

Documents

listDocuments

🔍 Read-only

List all documents for the organization.

Parameters: {
  "organization_id": "org_xxx",
  "size": 50,
  "cursor": "optional_cursor"
}

Supports: Pagination
Returns: Array of documents, next_cursor for pagination

Example:
AI: "List all policy documents"
    [Uses listDocuments tool]

getDocument

🔍 Read-only

Get a document by ID.

Parameters: {
  "organization_id": "org_xxx",
  "document_id": "doc_xxx"
}

Returns: Full document details

Example:
AI: "Get details for document doc_abc123"
    [Uses getDocument tool]

addDocument

✏️ Write

Add a new document to the organization.

Parameters: {
  "organization_id": "org_xxx",
  "name": "Security Policy",
  "description": "Information security policy"
}

Returns: Created document object

Example:
AI: "Add a new Information Security Policy document"
    [Uses addDocument tool]

updateDocument

✏️ Write

Update an existing document.

Parameters: {
  "organization_id": "org_xxx",
  "document_id": "doc_xxx",
  "name": "Updated Policy Name"
}

Returns: Updated document object

Example:
AI: "Rename document doc_abc123"
    [Uses updateDocument tool]

deleteDocument

✏️ Write

Delete a document.

Parameters: {
  "organization_id": "org_xxx",
  "document_id": "doc_xxx"
}

Returns: Confirmation of deletion

Example:
AI: "Delete document doc_abc123"
    [Uses deleteDocument tool]

listDocumentVersions

🔍 Read-only

List all versions for a document.

Parameters: {
  "organization_id": "org_xxx",
  "document_id": "doc_xxx",
  "size": 50,
  "cursor": "optional_cursor"
}

Supports: Pagination
Returns: Array of document versions, next_cursor for pagination

Example:
AI: "List all versions of document doc_abc123"
    [Uses listDocumentVersions tool]

getDocumentVersion

🔍 Read-only

Get a document version by ID.

Parameters: {
  "organization_id": "org_xxx",
  "document_id": "doc_xxx",
  "version_id": "ver_xxx"
}

Returns: Full document version details including content

Example:
AI: "Get version ver_abc123 of document doc_abc123"
    [Uses getDocumentVersion tool]

createDraftDocumentVersion

✏️ Write

Create a new draft version from the latest published version.

Parameters: {
  "organization_id": "org_xxx",
  "document_id": "doc_xxx"
}

Returns: Created draft document version object

Example:
AI: "Create a new draft for document doc_abc123"
    [Uses createDraftDocumentVersion tool]

updateDocumentVersion

✏️ Write

Update an existing draft document version content.

Parameters: {
  "organization_id": "org_xxx",
  "document_id": "doc_xxx",
  "version_id": "ver_xxx",
  "content": "Updated policy content..."
}

Returns: Updated draft document version

Example:
AI: "Update the content of draft version ver_abc123"
    [Uses updateDocumentVersion tool]

deleteDraftDocumentVersion

✏️ Write

Delete a draft document version.

Parameters: {
  "organization_id": "org_xxx",
  "document_id": "doc_xxx",
  "version_id": "ver_xxx"
}

Returns: Confirmation of deletion

Example:
AI: "Delete draft version ver_abc123 of document doc_abc123"
    [Uses deleteDraftDocumentVersion tool]

publishDocumentVersion

✏️ Write

Publish a draft document version.

Parameters: {
  "organization_id": "org_xxx",
  "document_id": "doc_xxx",
  "version_id": "ver_xxx"
}

Returns: Published document version

Example:
AI: "Publish draft version ver_abc123 of document doc_abc123"
    [Uses publishDocumentVersion tool]

listDocumentVersionSignatures

🔍 Read-only

List all signatures for a document version.

Parameters: {
  "organization_id": "org_xxx",
  "document_id": "doc_xxx",
  "version_id": "ver_xxx"
}

Returns: Array of signatures for the document version

Example:
AI: "List all signatures for document version ver_abc123"
    [Uses listDocumentVersionSignatures tool]

getDocumentVersionSignature

🔍 Read-only

Get a document version signature by ID.

Parameters: {
  "organization_id": "org_xxx",
  "signature_id": "sig_xxx"
}

Returns: Full signature details

Example:
AI: "Get signature sig_abc123"
    [Uses getDocumentVersionSignature tool]

requestDocumentVersionSignature

✏️ Write

Request a signature for a document version.

Parameters: {
  "organization_id": "org_xxx",
  "document_id": "doc_xxx",
  "version_id": "ver_xxx",
  "user_id": "user_xxx"
}

Returns: Created signature request

Example:
AI: "Request user_abc123 to sign document version ver_abc123"
    [Uses requestDocumentVersionSignature tool]

cancelSignatureRequest

✏️ Write

Cancel a document version signature request.

Parameters: {
  "organization_id": "org_xxx",
  "signature_id": "sig_xxx"
}

Returns: Confirmation of cancellation

Example:
AI: "Cancel signature request sig_abc123"
    [Uses cancelSignatureRequest tool]

Meetings

listMeetings

🔍 Read-only

List all meetings for the organization.

Parameters: {
  "organization_id": "org_xxx",
  "size": 50,
  "cursor": "optional_cursor"
}

Supports: Pagination
Returns: Array of meetings, next_cursor for pagination

Example:
AI: "List all compliance meetings"
    [Uses listMeetings tool]

getMeeting

🔍 Read-only

Get a meeting by ID.

Parameters: {
  "organization_id": "org_xxx",
  "meeting_id": "meeting_xxx"
}

Returns: Full meeting details

Example:
AI: "Get details for meeting meeting_abc123"
    [Uses getMeeting tool]

addMeeting

✏️ Write

Add a new meeting to the organization.

Parameters: {
  "organization_id": "org_xxx",
  "title": "Security Review Meeting",
  "date": "2025-03-15",
  "description": "Quarterly security review"
}

Returns: Created meeting object

Example:
AI: "Add a quarterly security review meeting for March 15"
    [Uses addMeeting tool]

updateMeeting

✏️ Write

Update an existing meeting.

Parameters: {
  "organization_id": "org_xxx",
  "meeting_id": "meeting_xxx",
  "status": "COMPLETED",
  "notes": "Meeting notes..."
}

Returns: Updated meeting object

Example:
AI: "Mark meeting meeting_abc123 as COMPLETED with notes"
    [Uses updateMeeting tool]

deleteMeeting

✏️ Write

Delete a meeting.

Parameters: {
  "organization_id": "org_xxx",
  "meeting_id": "meeting_xxx"
}

Returns: Confirmation of deletion

Example:
AI: "Delete meeting meeting_abc123"
    [Uses deleteMeeting tool]

listMeetingAttendees

🔍 Read-only

List all attendees for a meeting.

Parameters: {
  "organization_id": "org_xxx",
  "meeting_id": "meeting_xxx"
}

Returns: Array of meeting attendees

Example:
AI: "Show attendees for meeting meeting_abc123"
    [Uses listMeetingAttendees tool]

States of Applicability

listStatesOfApplicability

🔍 Read-only

List all states of applicability for the organization.

Parameters: {
  "organization_id": "org_xxx",
  "size": 50,
  "cursor": "optional_cursor"
}

Supports: Pagination
Returns: Array of SoA documents, next_cursor for pagination

Example:
AI: "List all states of applicability"
    [Uses listStatesOfApplicability tool]

getStateOfApplicability

🔍 Read-only

Get a state of applicability by ID.

Parameters: {
  "organization_id": "org_xxx",
  "soa_id": "soa_xxx"
}

Returns: Full SoA details

Example:
AI: "Get details for state of applicability soa_abc123"
    [Uses getStateOfApplicability tool]

addStateOfApplicability

✏️ Write

Add a new state of applicability to the organization.

Parameters: {
  "organization_id": "org_xxx",
  "name": "ISO 27001:2022 SoA",
  "framework_id": "framework_xxx"
}

Returns: Created SoA object

Example:
AI: "Create a new state of applicability for ISO 27001"
    [Uses addStateOfApplicability tool]

updateStateOfApplicability

✏️ Write

Update an existing state of applicability.

Parameters: {
  "organization_id": "org_xxx",
  "soa_id": "soa_xxx",
  "name": "Updated SoA Name"
}

Returns: Updated SoA object

Example:
AI: "Update state of applicability soa_abc123 name"
    [Uses updateStateOfApplicability tool]

deleteStateOfApplicability

✏️ Write

Delete a state of applicability.

Parameters: {
  "organization_id": "org_xxx",
  "soa_id": "soa_xxx"
}

Returns: Confirmation of deletion

Example:
AI: "Delete state of applicability soa_abc123"
    [Uses deleteStateOfApplicability tool]

exportStateOfApplicabilityPDF

🔍 Read-only

Export a state of applicability as a PDF document.

Parameters: {
  "organization_id": "org_xxx",
  "soa_id": "soa_xxx"
}

Returns: PDF document download URL

Example:
AI: "Export state of applicability soa_abc123 as a PDF"
    [Uses exportStateOfApplicabilityPDF tool]

listApplicabilityStatements

🔍 Read-only

List all applicability statements for a state of applicability.

Parameters: {
  "organization_id": "org_xxx",
  "soa_id": "soa_xxx",
  "size": 50,
  "cursor": "optional_cursor"
}

Supports: Pagination
Returns: Array of applicability statements, next_cursor for pagination

Example:
AI: "List all applicability statements for SoA soa_abc123"
    [Uses listApplicabilityStatements tool]

getApplicabilityStatement

🔍 Read-only

Get an applicability statement by ID.

Parameters: {
  "organization_id": "org_xxx",
  "statement_id": "stmt_xxx"
}

Returns: Full applicability statement details

Example:
AI: "Get details for applicability statement stmt_abc123"
    [Uses getApplicabilityStatement tool]

addApplicabilityStatement

✏️ Write

Add a control to a state of applicability with an applicability decision.

Parameters: {
  "organization_id": "org_xxx",
  "soa_id": "soa_xxx",
  "control_id": "control_xxx",
  "applicable": true,
  "justification": "Required for ISO 27001 compliance"
}

Returns: Created applicability statement

Example:
AI: "Add control control_abc123 as applicable to SoA soa_abc123"
    [Uses addApplicabilityStatement tool]

updateApplicabilityStatement

✏️ Write

Update the applicability and justification of an applicability statement.

Parameters: {
  "organization_id": "org_xxx",
  "statement_id": "stmt_xxx",
  "applicable": false,
  "justification": "Not relevant to our scope"
}

Returns: Updated applicability statement

Example:
AI: "Mark statement stmt_abc123 as not applicable with justification"
    [Uses updateApplicabilityStatement tool]

deleteApplicabilityStatement

✏️ Write

Delete an applicability statement from a state of applicability.

Parameters: {
  "organization_id": "org_xxx",
  "statement_id": "stmt_xxx"
}

Returns: Confirmation of deletion

Example:
AI: "Remove applicability statement stmt_abc123 from the SoA"
    [Uses deleteApplicabilityStatement tool]

---

Tool Naming Conventions

Tools follow consistent patterns:

• list*: Retrieve multiple items (supports pagination)
• get*: Retrieve a single item by ID
• add*: Create a new item
• create*: Create a derived item (e.g. a new draft from an existing version)
• update*: Modify an existing item
• delete*: Permanently remove an item
• link* / unlink*: Associate or dissociate resources
• assign* / unassign*: Assign or remove a person from a resource
• export*: Generate and download a file (e.g. PDF)
• take*: Capture a point-in-time snapshot
• invite*: Send an invitation
• remove*: Remove membership without deleting the user
• publish*: Make a draft publicly active
• cancel*: Cancel a pending request

Common Parameters

organization_id

All tools require an organization_id parameter to specify which organization to operate on.

Pagination

Tools that support pagination accept:

• size: Items per page (default: 20–100)
• cursor: Cursor from previous response

See Pagination for details.

Filtering

Many list tools support filtering:

• query: Text search across relevant fields
• status: Filter by status (OPEN, CLOSED, etc.)
• Resource-specific filters

Sorting

List tools support order_by:

{
  "order_by": {
    "field": "CREATED_AT",
    "direction": "DESC"
  }
}