Compliance OS

Vendor Workspace

Demo ModeSample Data Only

This is a Demo Compliance Environment

No real customer data is stored here. All organizations, evidence, assessments, and control updates are seeded sample/demo data for product demonstrations.

Active demo organization: King's Healthcare, Inc. (Demo Organization)

Vendor self-assessment workspace

test

test NIST80053 Audit 2026-02-25

Status: IN PROGRESSCustomer: Ball State UniversityEngagement: Ball State Vendor Risk ProgramDue: Apr 11, 20261 framework
Control LibraryEvidence CenterOpen Audit Review
Assigned Assessments
Switch between vendor audits and framework-specific questionnaires.
test NIST80053 Audit 2026-02-25King's FinTech, Inc. Assurance Readiness SprintKing's FinTech, Inc. Control Validation ReviewKing's FinTech, Inc. Annual Security Compliance Audit 2026
Total Controls
6

1 framework scope

Applied Controls
6

6 fully implemented

Tasks (Open)
0

0 overdue POA&M items

Evidence Linked
0

0 awaiting customer review

High-Risk Gaps
0

0 needs info/rejected

Control Completion
Answered controls vs total in scope
6 / 6
100% complete
Submission Readiness
Combines completion, evidence, and open high-risk gaps
55%
55% complete
Risk Assessment Score
Higher is better (lower open-risk exposure)
100
100% complete
Control Status Breakdown
Implementation state distribution across this audit scope.
Controls
6
Implemented
6
100%
Request Queue Breakdown
What is blocking submission or requires follow-up.
No chart data available yet.
Domain Completion
Answered controls by domain (top incomplete domains surface first).
Framework Scope
Frameworks currently included in this vendor assessment.

NIST SP 800-53

NIST80053 · Rev. 5

6 controls
100%
Domain Progress
Accordion view for control domains, completion, evidence, and top gaps.

Access Control

2 / 2 controls answered

100%
2 implemented0 open

Implementation Coverage

100%

Includes fully implemented controls only

Evidence Coverage

0%

Controls with at least one linked evidence item

High Risk Gaps

0

Open controls marked High/Critical

Top Gaps

No open gaps in this domain.

Audit and Accountability

1 / 1 controls answered

100%
1 implemented0 open

Implementation Coverage

100%

Includes fully implemented controls only

Evidence Coverage

0%

Controls with at least one linked evidence item

High Risk Gaps

0

Open controls marked High/Critical

Top Gaps

No open gaps in this domain.

Configuration Management

1 / 1 controls answered

100%
1 implemented0 open

Implementation Coverage

100%

Includes fully implemented controls only

Evidence Coverage

0%

Controls with at least one linked evidence item

High Risk Gaps

0

Open controls marked High/Critical

Top Gaps

No open gaps in this domain.

Incident Response

1 / 1 controls answered

100%
1 implemented0 open

Implementation Coverage

100%

Includes fully implemented controls only

Evidence Coverage

0%

Controls with at least one linked evidence item

High Risk Gaps

0

Open controls marked High/Critical

Top Gaps

No open gaps in this domain.

Risk Assessment

1 / 1 controls answered

100%
1 implemented0 open

Implementation Coverage

100%

Includes fully implemented controls only

Evidence Coverage

0%

Controls with at least one linked evidence item

High Risk Gaps

0

Open controls marked High/Critical

Top Gaps

No open gaps in this domain.

Customer Requests / POA&M
Controls needing remediation action, evidence, or reviewer follow-up.

AC-17 Remote Access

IMPLEMENTEDDRAFTevidence neededowner unassignedDue in 45d

AC-2 Account Management

IMPLEMENTEDDRAFTevidence neededowner unassignedDue in 45d

AU-6 Audit Review, Analysis, and Reporting

IMPLEMENTEDDRAFTevidence neededowner unassignedDue in 45d

CM-6 Configuration Settings

IMPLEMENTEDDRAFTevidence neededowner unassignedDue in 45d

IR-4 Incident Handling

IMPLEMENTEDDRAFTevidence neededowner unassignedDue in 45d

RA-5 Vulnerability Monitoring and Scanning

IMPLEMENTEDDRAFTevidence neededowner unassignedDue in 45d
Control Workbench
Vendor-ready questionnaire table for implementation status, risk, owners, and evidence.
ControlDomainFrameworkStatusCustomer ReviewEvidence ReviewRiskEvidencePOA&MOwnerDue

AC-17 Remote Access

Access ControlNIST80053IMPLEMENTEDDRAFT
Missing
Apr 11, 2026
Due in 45d

AC-2 Account Management

Access ControlNIST80053IMPLEMENTEDDRAFT
Missing
Apr 11, 2026
Due in 45d

AU-6 Audit Review, Analysis, and Reporting

Audit and AccountabilityNIST80053IMPLEMENTEDDRAFT
Missing
Apr 11, 2026
Due in 45d

CM-6 Configuration Settings

Configuration ManagementNIST80053IMPLEMENTEDDRAFT
Missing
Apr 11, 2026
Due in 45d

IR-4 Incident Handling

Incident ResponseNIST80053IMPLEMENTEDDRAFT
Missing
Apr 11, 2026
Due in 45d

RA-5 Vulnerability Monitoring and Scanning

Risk AssessmentNIST80053IMPLEMENTEDDRAFT
Missing
Apr 11, 2026
Due in 45d
This vendor workspace is designed for customer-facing audits and self-assessments. It supports framework-scoped progress tracking, evidence collection, and POA&M-style remediation queues for HIPAA, NIST CSF, SOC 2, ISO 27001, CIS Controls, and the added NIST 800-171 / 800-172 / 800-53 frameworks.