AV

Compliance overview

Continuous attestation across six frameworks.

Evidence collected automatically, evaluated continuously, surfaced for executive sign-off.

Composite score

93.6
+1.4%24h

Controls in scope

528
+0%24h6 frameworks

Open findings

25
-14.2%24h3 high · 22 med

Evidence freshness

98%
+0.6%24h< 7-day SLA

Framework

SOC 2 Type II

97

Controls

124

Gaps

2

Cycle

Q3 attestation

Framework

ISO 27001:2022

94

Controls

93

Gaps

4

Cycle

Surveillance audit · Oct

Framework

PCI DSS 4.0

91

Controls

108

Gaps

6

Cycle

Annual ROC

Framework

HIPAA Security

96

Controls

54

Gaps

1

Cycle

Continuous

Framework

NIST CSF 2.0

89

Controls

108

Gaps

9

Cycle

Internal review

Framework

GDPR · Art. 32

93

Controls

41

Gaps

3

Cycle

Q4 DPIA

Control coverage by domain

Access
Crypto
Logging
BCDR
Vendor
Privacy
Awareness
Asset
SOC2
80
98
96
77
61
66
86
100
ISO
95
75
60
67
88
100
90
69
PCI
60
69
90
100
88
67
60
75
HIPAA
92
100
86
66
61
77
96
98
NIST
84
65
62
79
97
97
78
61
GDPR
62
81
98
96
76
61
66
87

Audit timeline · next 12 weeks

  1. W +1SOC 2 Type II · sample collection

    GRC · ext. auditor

  2. W +3ISO 27001 surveillance audit kickoff

    Internal audit

  3. W +5PCI DSS 4.0 quarterly ASV scan

    Security ops

  4. W +7HIPAA risk assessment refresh

    Privacy office

  5. W +10NIST CSF 2.0 maturity self-assessment

    CISO office

Open findings

  • Access review cadence overdue · 3 apps

    FND-211 · SOC 2

    high

  • Key rotation evidence missing · ap-south-1

    FND-208 · PCI DSS

    high

  • Vendor reassessment lapsed · 2 suppliers

    FND-205 · ISO 27001

    medium

  • DPIA refresh required · marketing pipeline

    FND-202 · GDPR

    medium

  • BCDR test cycle behind plan

    FND-197 · NIST CSF

    medium