Policy validation, drift radar, exceptions, waivers, compliance scoring across GDPR, SOC 2, ISO 27001, and custom policies.