Introduction to RiskFlow
RiskFlow is a multi-tenant compliance, training, and vendor-risk platform built as a pnpm + Turborepo monorepo.
Key Features
- MSP and organization management with hierarchical tenancy
- Role-based access control via
@riskflow/permissions-utils - Training assignments, agreements, and vendor workflows
- Audit logging and document management
Actor classes
- MSP — managed service provider overseeing customer orgs
- ORG — customer organization (optionally a child of an MSP)
- VENDOR — external party linked per-org (not a platform user)
See the Developers Guide for setup and the Architecture Decisions (ADRs) for tenancy and identity rules.