Organization Information
Tell us about your organization to customize the assessment
Governance & Leadership
Assess your governance structure and leadership commitment
1. Does your organization have an established governance committee for compliance?
2. Are roles and responsibilities for security and privacy clearly defined?
3. Does top management demonstrate commitment to compliance?
4. Are policies approved and reviewed regularly by leadership?
Risk Management
Evaluate your risk assessment and management processes
5. Do you conduct regular risk assessments for security and privacy?
6. Is there a documented risk register with mitigation plans?
7. Are third-party and vendor risks assessed?
8. Do you have processes for continuous risk monitoring?
Technical Controls
Assess your technical security controls and implementations
9. Are access controls implemented with role-based permissions?
10. Is data encrypted both at rest and in transit?
11. Are security events logged and monitored?
12. Is there an incident response plan with defined procedures?
13. Are regular vulnerability assessments and penetration tests conducted?
Privacy Controls
Evaluate your data privacy practices and controls
14. Is personal data classified and protected appropriately?
15. Are Privacy Impact Assessments (PIAs) conducted for new projects?
16. Are data subject rights (access, correction, deletion) facilitated?
17. Is consent management implemented for data collection?
18. Are data retention policies defined and enforced?
Documentation & Compliance
Assess your documentation and compliance practices
19. Are all security and privacy policies documented and accessible?
20. Are internal audits conducted regularly?
21. Is evidence of compliance maintained and kept up to date?
22. Are employees trained on security and privacy policies?
23. Is there a continuous improvement process for compliance?