Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.anomalyarmor.ai/llms.txt

Use this file to discover all available pages before exploring further.

Why Classification Matters for Compliance

Auditors ask: “Where is your PII?” You need an answer that isn’t “let me check.” AnomalyArmor’s auto-classification and custom tags give you:
  • Instant PII inventory across all databases
  • Audit-ready exports of sensitive data locations
  • Continuous monitoring as new tables appear

Common Compliance Scenarios

SOC 2 / Security Audits

Auditor asks: “Show me all tables containing customer data.” Your response:
  1. Go to AssetsFilterClassificationpii:*
  2. Export the filtered list
  3. Hand auditor a complete inventory

GDPR Data Mapping

Requirement: Know where personal data is stored. Your workflow:
  1. Auto-classification tags emails, names, addresses automatically
  2. Filter by pii:email, pii:name, pii:address
  3. Document each table’s purpose and retention policy using descriptions

Access Reviews

Requirement: Verify who can access sensitive data. Your workflow:
  1. Tag sensitive tables: sensitivity:high, sensitivity:medium
  2. Cross-reference with database permissions
  3. Use tags to prioritize access review scope
TagUse For
pii:email, pii:phone, etc.Auto-classified PII (automatic)
sensitivity:highManually flagged critical data
compliance:reviewedAudit trail of reviewed assets
compliance:gdpr-scopeGDPR-relevant data
retention:30-daysData retention policy

Audit Preparation Checklist

[ ] Run discovery to ensure catalog is current
[ ] Review auto-classification results for accuracy
[ ] Remove false positives (email_count ≠ PII)
[ ] Add manual tags for data auto-classification missed
[ ] Export filtered asset list for auditor
[ ] Document any exceptions with descriptions

Staying Compliant Over Time

New tables appear. Schemas change. Stay ahead:
  1. Alert on new PII: Create rule for “New asset detected” + filter by auto-classification
  2. Review cadence: Monthly review of compliance:needs-review tagged assets
  3. Discovery schedule: Run frequently enough to catch new tables before auditors do

Common Questions

How do I answer ‘where is our PII?’ during an audit?

Go to Assets, filter by classification pii:*, and export the list. You get a complete inventory of PII-tagged columns across every connected database. Pair with a manual spot-check for PII hidden in non-obvious column names.

Does AnomalyArmor help with GDPR data mapping?

Yes. Auto-classification tags emails, names, and addresses automatically. Filter by the relevant pii:* tags to map where personal data lives, then add retention or scope tags like compliance:gdpr-scope for documentation.

Can I flag tables as reviewed for audit purposes?

Use custom tags like compliance:reviewed and compliance:needs-review. Apply them manually or in bulk, then filter by tag to see what still needs attention.

What happens if a new table appears between audits?

Create an alert rule for “New asset detected” filtered by auto-classification. Every time discovery finds a new PII-tagged table, the alert fires so you can review it before the next audit cycle.