
The Need to Create Efficient Diagrams for Compliance

May 23, 2023

I’m not telling you something you don’t know: compliance with industry regulations and standards is of paramount importance. From data protection laws to quality management frameworks, organizations across every sector we’ve researched need to demonstrate adherence to these requirements. They invest a significant amount of time, effort, and resources to ensure operations adhere to these increasingly stringent regulations. In fact, for compliance purposes, it is essential to maintain auditable diagrams in various Authority Documents:

•    access path diagram,
•    application topology diagram,
•    data flow diagram,
•    network diagram,
•    procedure diagram,
•    site plan diagram or floor plan diagram,
•    software logic diagram,
•    system topology diagram.

Over fifty other diagrams have been mapped within the Unified Compliance Framework. Compliance diagrams can be placed roughly into two camps. The first camp is the set of diagrams that should be created by the computer systems they apply to. The second camp is the set of diagrams that can be created by Generative Artificial Intelligence (GAI) applications like those from OpenAI, Amazon, etc., with ChatGPT being the most commonly heard of GAI. Both sets of diagrams either should or can begin as Diagrams as Code. Why? With the advent of PlantUML, a powerful plain text language for diagramming, compliance efficiency comes into play.

How do diagrams created using text create compliance efficiency? Easy. Diagrams as code enable organizations to easily generate different types of diagrams from a single source – plain text language. Instead of an organization using LucidChart, Miro, FigJam, Visio, Gliffy, SmartDraw, Draw.io, Sketch, blah blah blah blah blah, your team can create the diagrams using text, and then let the software turn that text into art. If you natively draw a diagram using any of the software tools mentioned above, you are locked into that application. If you start with PlantUML, then any of the tools above that support PlantUML can be used to edit the diagram (and return it back as text as well). This reduces complexity. This reduces the cost of software, training, and overhead of working with multiple incompatible formats - Compliance Efficiency.

What are Diagrams as Code?

Originally, Diagrams as code was an approach to creating visual diagrams, such as network diagrams or architecture diagrams, using code rather than a graphical user interface. Diagrams as code are a paradigm shift for visual communication intended to allow developers, engineers, and other technical professionals to represent visual models using familiar code syntax. With diagrams as code, the diagram is generated from the code produced by software, rather than being created manually using a visual editor.

With the advent of GAI, diagrams can be created from simple prompts. For instance, the ChatGPT-4 prompts below…

Generate a short description of the following procedure [procedure] by the [R] where 
the [A] is accountable and the [C] is informed for [company name]. 

[procedure] = create media policy 
[R] = Media Relations Manager 
[A] = Human Resources Manager 
[C] = Legal Team 
[company name] = Unified Compliance

Outline the procedure steps for the above.

Generate a sequence diagram in PlantUML format for the procedure above.

… generate the following text (including a PlantUML diagram as code)…

The Media Relations Manager will create a media policy for Unified Compliance in collaboration 
with the Human Resources Manager who will ensure that the policy follows company standards and regulations. 
The Legal Team will also be informed of the creation of the policy to provide legal oversight.

Procedure Steps:

1. The Media Relations Manager will research and draft the media policy.
2. The Human Resources Manager will review the policy for compliance with company standards and regulations.
3. The Legal Team will be informed of the policy and provide legal oversight.
4. The policy will be revised and finalized as needed.
5. The policy will be distributed to all relevant employees and stakeholders.

Sequence Diagram:

@startuml
actor "Media Relations Manager" as MR
participant "Human Resources Manager" as HR
participant "Legal Team" as LT

MR -> HR: Draft media policy
HR -> HR: Review policy for compliance
HR -> LT: Inform of policy creation
LT -> LT: Provide legal oversight
HR -> MR: Provide feedback on policy
MR -> HR: Revise policy as needed
MR -> HR: Finalize policy
MR -> HR: Distribute policy to relevant parties
@enduml

… for which the visual diagram looks like this:

Visual diagram of PlantUML Diagram as Code
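Because the generated diagram is plain text, it can be checked against the role assignments in the prompt before it is filed as evidence. The following is an added example, not part of the original article or of PlantUML: it assumes the simple `A -> B: text` message form used above, and the function name `lint_sequence` and the checks it performs are illustrative choices.

```python
import re

# The article's sequence diagram, typed with straight double quotes.
DIAGRAM = """@startuml
actor "Media Relations Manager" as MR
participant "Human Resources Manager" as HR
participant "Legal Team" as LT

MR -> HR: Draft media policy
HR -> HR: Review policy for compliance
HR -> LT: Inform of policy creation
LT -> LT: Provide legal oversight
HR -> MR: Provide feedback on policy
MR -> HR: Revise policy as needed
MR -> HR: Finalize policy
MR -> HR: Distribute policy to relevant parties
@enduml"""

# Role assignments taken from the article's prompt ([R], [A], [C]).
ROLES = {"R": "Media Relations Manager", "A": "Human Resources Manager", "C": "Legal Team"}
DECL = re.compile(r'^(?:actor|participant)\s+"([^"]+)"\s+as\s+(\w+)$')
MSG = re.compile(r'^(\w+)\s*-+>+\s*(\w+)\s*:')

def lint_sequence(text, roles):
    """Return a list of findings; an empty list means every check passed."""
    lines = [ln.strip() for ln in text.strip().splitlines() if ln.strip()]
    findings, names, sent, received = [], {}, set(), set()
    if len(lines) < 2 or lines[0] != "@startuml" or lines[-1] != "@enduml":
        findings.append("missing @startuml/@enduml wrapper")
    for line in lines:
        if m := DECL.match(line):
            names[m.group(2)] = m.group(1)      # alias -> display name
        elif m := MSG.match(line):
            src, dst = m.group(1), m.group(2)
            for alias in (src, dst):
                if alias not in names:
                    findings.append(f"undeclared participant: {alias}")
            if src != dst:                      # a self-message informs nobody else
                sent.add(names.get(src))
                received.add(names.get(dst))
    for key, name in roles.items():
        if name not in names.values():
            findings.append(f"[{key}] {name} is not declared")
    if roles["R"] not in sent:
        findings.append(f"[R] {roles['R']} never sends a message")
    if roles["C"] not in received:
        findings.append(f"[C] {roles['C']} is never informed")
    return findings
```

Run in a review step, a non-empty result blocks the diagram until the text is corrected and regenerated.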

Can Diagrams as Code be used for regulatory diagramming requirements?

One of the significant advantages of using diagrams as code for compliance is the ability to capture detailed information about the system in a concise and standardized manner. Traditional visual diagrams often lack the necessary level of detail required for compliance purposes. With diagrams as code, organizations can document their systems down to the most minor components, providing auditors and regulatory bodies with a comprehensive view of the organization's processes and data disclosures.

Moreover, diagrams as code enable organizations to easily generate different types of diagrams from a single source. With a well-defined codebase, organizations can automatically generate class diagrams, activity diagrams, entity-relationship diagrams, and other visual representations of their systems. This flexibility allows project managers and compliance teams to extract the information they need in various forms, depending on the specific compliance requirements.

The use of diagrams as code also helps maintain consistency across different projects and teams. When compliance regulations change or new projects are initiated, organizations can leverage existing code templates and frameworks to quickly generate compliant diagrams. This consistency ensures that compliance standards are upheld throughout the organization and reduces the risk of non-compliance due to human error or oversight.
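For the first camp of diagrams, those produced from the systems they describe, the same text form lets a team render the diagram from an inventory and detect when a filed diagram no longer matches it. This is an added example, not code from the article: the inventory contents, the aliases and the functions `render_dfd` and `drift` are constructed for illustration, and labels are assumed to contain no double quotes.

```python
# Constructed sample inventory; in practice the system itself would export this.
SYSTEMS = {
    "web": ("node", "Web Portal"),
    "api": ("node", "Order API"),
    "db": ("database", "Customer DB"),
}
# (source alias, destination alias, protocol, data carried)
FLOWS = [
    ("web", "api", "HTTPS", "order form"),
    ("api", "db", "TLS/SQL", "customer record"),
]

def render_dfd(systems, flows):
    """Render the inventory as PlantUML text.

    Output is sorted so the same inventory always yields the same text,
    which keeps version-control diffs limited to real changes.
    """
    out = ["@startuml"]
    for alias in sorted(systems):
        kind, label = systems[alias]
        out.append(f'{kind} "{label}" as {alias}')
    for src, dst, proto, data in sorted(flows):
        if src not in systems or dst not in systems:
            raise ValueError(f"flow references unknown system: {src} -> {dst}")
        out.append(f"{src} --> {dst} : {data} ({proto})")
    out.append("@enduml")
    return "\n".join(out) + "\n"

def drift(systems, flows, committed_text):
    """Compare a filed diagram with a fresh render of the current inventory."""
    fresh = render_dfd(systems, flows).splitlines()
    old = committed_text.splitlines()
    return {
        "missing_from_diagram": [ln for ln in fresh if ln not in old],
        "stale_in_diagram": [ln for ln in old if ln not in fresh],
    }
```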

What do the regulators say about Diagrams as Code?

Right now, nothing specific. However, the National Institute of Standards and Technology (NIST) provides guidelines for creating diagrams that meet regulatory requirements. While the guidelines do not specifically address diagrams as code, they do provide useful information on creating clear, accurate diagrams that comply with applicable standards. In addition, the International Organization for Standardization (ISO) provides standards for creating diagrams that meet regulatory requirements. ISO 5807:1985, for example, provides guidelines for creating flowcharts that comply with international standards. While this standard predates diagrams as code, the principles it outlines may still be relevant.

What tools can be used to create Diagrams as Code?

Several tools are available for creating diagrams as code, each with its own set of features and capabilities. Here are a few popular options:

  • PlantUML: PlantUML is a tool that allows you to create UML diagrams using a simple and intuitive language. The diagrams are created as code and can be easily integrated into various documents and presentations. It supports various types of diagrams, including sequence diagrams, class diagrams, work breakdown structure diagrams, use case diagrams, and more.
  • Graphviz: Graphviz is a tool for creating diagrams using plain text language. It can be used to create various types of diagrams, including directed and undirected graphs, flowcharts, and more. Graphviz can also be integrated with other software tools and programming languages.
  • Mermaid: Mermaid is a tool that allows you to create various types of diagrams, including flowcharts, sequence diagrams, class diagrams, and more, using simple text and intuitive language. It also supports real-time collaboration and can be integrated with various software tools and platforms.
  • Draw.io: Draw.io is a web-based diagramming tool that allows you to create various types of diagrams using a drag-and-drop interface. It supports a wide range of diagram types, including flowcharts, UML diagrams, network diagrams, and more. Draw.io also allows for real-time collaboration and integration with various software tools and platforms.

All of these tools offer a range of features and capabilities for creating diagrams as code, and the best option will depend on your specific needs and preferences. For our purposes here, we are going to focus on PlantUML.

What should we do now?

Right now, right this second, if you are a CommonControlsHub.com subscriber, click HERE and fill out a form to get on the “early access” list.