Ontologies #

Unlike a taxonomy, which simply provides a hierarchical way to categorize documents, an ontology plays a much more dynamic and critical role in automated compliance.

It acts as a formal, machine-readable model of your compliance domain, defining not just the types of entities (e.g., Policy, Control, Risk) but also the complex relationships between them (e.g., a Policy mitigates a Risk, or a Department is responsible for a Control).

This structured network of knowledge transforms unstructured legal text into a verifiable framework, allowing an automated system to perform sophisticated reasoning. This is the foundation for automated verification, enabling you to run checks like querying if a specific risk lacks a corresponding control or if a control is missing a responsible department.