Conducting Assessments

Assessments are point-in-time evaluations of your compliance. Use them to prepare for audits or evaluate your current compliance posture.

To create a new assessment:

Once your assessment is created:

For each control, you’ll provide:

• Response—Describe how your organization meets the requirement. Be specific and reference actual policies, procedures, or systems.

• Artifacts—Attach evidence files that prove compliance, such as:

– Policy documents
– Screenshots
– Configuration exports
– Audit logs
– Test results

When you find a control you don’t fully meet:

This creates a clear audit trail of how compliance gaps were identified and addressed.

Your assessment dashboard shows:

• Total controls
• Controls completed
• Completion percentage
• Outstanding tasks/issues

Use this to monitor progress toward completing the assessment.

When your assessment is complete: