Documentation
Meridian covers programs, controls, evidence, audits, reporting, remediation, trust workflows, and SOX-capable oversight.
Meridian Manual
Meridian is the Cadres operating system for audit, compliance, and control follow-through. It brings programs, controls, evidence, reporting, remediation, and stakeholder visibility into one working model.
This manual is written for the teams who need Meridian to stay understandable in production. It starts with the public operating model, then layers in detailed operator guides drawn from the product manuals without exposing private implementation or setup material.
Meridian Topics
Compliance Core
Program structure, framework mapping, control ownership, evidence models, and operational posture.
Evidence readiness, audit workflow, auditor collaboration, questionnaires, and review cadence.
Oversight & Follow-through
Executive reporting, trust workflows, remediation follow-through, reviews, and stakeholder visibility.
Detailed Operator Guides
Program structure, scope ownership, framework planning, and the operating boundary for a compliance effort.
Control creation, ownership, mapping, exceptions, testing, and the workflow that makes a control library usable.
Coverage analysis, control relationships, and higher-signal views that help teams manage a control estate as it grows.
Evidence collection, review state, freshness, and the working practices that keep evidence tied to real controls.
Coverage visibility, readiness gaps, and the relationship between controls, evidence, and audit confidence.
Requirement coverage, gaps, exceptions, and the review model teams use to judge audit readiness honestly.
Audit planning, request handling, operator coordination, and the cadence that keeps audit work from becoming a scramble.
Bounded external access, auditor collaboration, and the model Meridian uses to share review material without losing control.
Audit outputs, review packages, and the reporting layer teams use to communicate current audit state clearly.
Periodic access review execution, reviewer accountability, and the workflow that keeps sensitive access visible.
Leadership-facing posture views, concise status communication, and the summaries used to explain program state without flattening it.
Operational reporting, stakeholder visibility, and the reporting surfaces used to track posture over time.
Recurring reporting cadence, audience targeting, and the operational discipline around scheduled compliance output.
Findings-to-action workflow, ownership handoff, and the model Meridian uses to keep remediation tied to real systems and teams.
Controlled external communication, trust materials, and the process for showing posture without oversharing it.
Risk tracking, ownership, and the way Meridian keeps exposure tied to the controls and findings that drive it.
Concentration of exposure, prioritization signals, and the visual model teams use to discuss risk with leadership.
Read Path
Native Handoffs
Portal supplies identity and access context that Meridian can use for reviews, evidence, and access-related controls.
Keystone gives Meridian business and financial operating context when commercial or finance controls need to be monitored.
RMM gives Meridian operational signals and remediation context when infrastructure or endpoint control becomes part of the control environment.
