Panguard Report supports multiple output formats to fit different workflows: machine-readable JSON for automation, professional PDF for auditors, and console text for quick checks.
JSON is the default output format. It is designed for programmatic consumption, CI/CD integration, and data pipeline ingestion.
panguard report generate --framework iso27001 --format json --output-dir ./reports
JSON Structure
{
"metadata": {
"framework": "iso27001",
"version": "1.0.0",
"generatedAt": "2025-01-15T14:23:01.000Z",
"organization": "Your Company",
"language": "en"
},
"summary": {
"overallCompliance": 72,
"totalControls": 12,
"compliant": 8,
"partiallyCompliant": 2,
"nonCompliant": 2,
"notAssessed": 0
},
"controls": [
{
"id": "A.9.4",
"name": "System and Application Access Control",
"status": "non_compliant",
"findings": [
{
"severity": "high",
"title": "Weak password policy",
"description": "Minimum password length is 6 characters",
"remediation": "Set minimum password length to 12 characters"
}
]
}
]
}
Use Cases
- Feeding into dashboards and monitoring systems
- CI/CD pipeline compliance gates
- Trend analysis across multiple report runs
- Integration with GRC (Governance, Risk, Compliance) platforms
PDF output produces a professional, print-ready document suitable for auditor review and regulatory submission.
panguard report generate --framework iso27001 --format pdf --output-dir ./reports
PDF Sections
| Section | Contents |
|---|
| Cover Page | Organization name, framework, date, Panguard branding |
| Executive Summary | Overall compliance percentage, control status breakdown |
| Control Assessment | Per-control evaluation with status indicators |
| Findings Detail | Non-compliant items with evidence and severity |
| Remediation Plan | Prioritized remediation steps per finding |
| Appendix | Raw scan data, methodology notes |
PDF Features
- Color-coded compliance status indicators
- Severity-tagged findings with visual hierarchy
- Table of contents with page references
- No external dependencies required (server-side rendering)
Text Output (Console)
For quick compliance checks without generating files:
panguard report summary --framework iso27001
── ISO 27001 Compliance Summary ───────
Overall: 72% compliant
Compliant: 8/12 controls
Partial: 2/12 controls
Gap: 2/12 controls
Priority fixes:
1. Access Control - Enforce MFA
2. Incident Response - Define procedures
Bilingual Support
All output formats support English and Traditional Chinese:
| Flag Value | Language | Use Case |
|---|
--language en | English | International audits, global compliance |
--language zh-TW | Traditional Chinese | Taiwan TCSA reports, local regulatory submission |
- All section headers and labels
- Control names and descriptions
- Finding descriptions and remediation steps
- PDF cover page and formatting
# Traditional Chinese PDF report
panguard report generate \
--framework tw_cyber_security_act \
--format pdf \
--language zh-TW \
--output-dir ./reports
Before generating a report, you can validate your findings input file:
panguard report validate --input findings.json
- JSON schema compliance
- Required fields present
- Severity values are valid
- Control references match the target framework
Use --format json for automated workflows and --format pdf for human-reviewed deliverables. Both can be generated from the same scan data.
