first draft

LemonAid711 · LemonAid711 · commit e8a9e045d66f · 2026-03-17T10:04:04.000-05:00
diff --git a/docs/docs/platform/quickstartguide.mdx b/docs/docs/platform/quickstartguide.mdx
@@ -0,0 +1,121 @@
+---
+sidebar_position: 2
+sidebar_label: Quickstart Guide
+title: Quickstart Guide -  Getting Started with Openlane
+description: Open-source compliance automation platform for managing security, risk, and regulatory requirements. Streamline SOC 2, ISO 27001, NIST, GDPR, and HIPAA compliance.
+---
+
+You made it to Openlane! 
+If you’ve just started your trial, the fastest way to understand the platform is to build something real.
+
+This guide walks you through the first few steps to get your environment set up and your compliance program taking shape.
+
+
+## 1. Set Up Your Organization
+
+Start by configuring how your team will access Openlane.
+
+**Navigate to:** `Organization settings`
+
+### What to do:
+- In `Authentication`, add your **allowed email domains**
+  - Example: `yourcompany.ai`
+  - Include domains for any **fractional support** (consultants, VCISOs) if applicable
+- Choose whether to **allow auto-join**
+  - Enabled → anyone with an approved domain can join automatically  
+  - Disabled → users must be invited manually
+
+:::tip
+If you're working with a fractional CISO or consultant, adding their domain upfront makes collaboration much smoother.
+:::
+
+## 2. Invite Your Team
+
+Compliance is a team sport. Bring in the people who are helping you build and manage your program.
+
+**Navigate to:** `User Management`
+
+### What to do:
+- Invite teammates across:
+  - Engineering
+  - Security / IT
+  - HR / People Ops
+  - Leadership
+- Assign roles as needed
+
+:::tip
+**No per-user fees.**  
+Invite your whole team — not just a “compliance owner.” The best programs reflect how your organization actually operates, so we don't charge you more for building your program the right way and growing your business.
+:::
+
+## 3. Add a Standard
+
+Next, define what you're working toward.
+
+**Navigate to:** `Standards Catalog`
+
+### What to do:
+- Click `Details` and select a relevant domain. For SOC 2, these are the Trust Services Criteria (remember, Security is the only required TSC)
+- Select and enable a framework:
+  - SOC 2
+  - ISO 27001
+  - HIPAA
+  - ISO 42001
+- You can enable **multiple frameworks** without duplicating work.
+
+:::tip**Openlane is made to support your success.**  
+Turn on only what you need now and expand later without starting over.
+:::
+
+## 4. Upload Controls
+
+Controls are the backbone of your program. They define how you actually meet requirements.
+
+Full guide:  
+https://docs.theopenlane.io/docs/platform/compliance-management/onboarding/controls
+
+### What to do:
+- Create or import controls that reflect your **real processes**
+- Map them to your selected framework(s)
+
+:::tip**Don’t over-engineer this.**  
+Your selected auditor will likely provide "suggested controls", which can help you get started.
+:::
+
+## 5. Upload Policies
+
+Policies define intent. Controls prove execution.
+
+Full guide:  
+https://docs.theopenlane.io/docs/platform/compliance-management/onboarding/policies
+
+### What to do:
+- Upload existing policies (if you have them)
+- Or generate new ones using Openlane's integrated AI
+- Link policies to relevant controls
+
+:::tip**Policies don’t need to be perfect on day one.**  
+They should evolve alongside your program.
+:::
+
+
+## What’s Next: Start Customizing
+
+Now that you have the foundation:
+
+- Refine controls to match how your team actually works  
+- Upload real evidence from your existing tools  
+- Assign ownership across your team  
+
+### Explore next:
+- **Registry** → Track assets, vendors, and personnel  
+- **Exposure** → Manage vulnerabilities, findings, and remediations  
+
+
+## Want Help?
+
+If you want to go faster, we’ll build it with you.
+
+**Book time:** https://calendly.com/kwaters-theopenlane  
+
+_No slides. No sales pitch. Just direct access to our experience._
