/
Compliance Assessment

Compliance Assessment

Owned by Ryan Seymour, created
Feb 10, 2025
4 min read

You can find this module at the Company level only.

A compliance assessment is an evaluation process designed to determine whether an organization or system adheres to regulatory requirements, industry standards, or internal policies. These assessments can cover various areas, including financial regulations, data protection and privacy laws, cybersecurity standards, health and safety protocols, environmental regulations, and more.

The primary goals of a compliance assessment are to:

  1. Identify Gaps: Determine where the organization's practices might not meet the required standards or regulations.

  2. Mitigate Risks: Understand the potential risks associated with non-compliance, including legal penalties, financial losses, reputational damage, and operational disruptions.

  3. Recommend Improvements: Provide actionable insights and recommendations to help the organization address compliance gaps and improve its overall compliance posture.

  4. Ensure Accountability: Assign responsibility for compliance to specific organizational roles or departments.

  5. Demonstrate Compliance: Help organizations prove to regulators, partners, customers, and other stakeholders that they fully comply with relevant regulations and standards.

MSPs can allow customers to join the portal to perform their self-assessments. Generally, MSPs do not conduct assessments on behalf of their customers.

CS-Video.png

Visit our YouTube Channel for more video content: https://www.youtube.com/@connectsecure

Table of Contents

Compliance Assessment - Details

Access the Compliance Assessment from the Compliance category.

image-20250210-173621.png

The following compliance assessments are available.

Standard

Source

Standard

Source

CIS v8

https://www.cisecurity.org/controls/cis-controls-navigator/v8

CMMC (Cybersecurity Maturity Model Certification)

https://www.cisa.gov/resources-tools/resources/cybersecurity-maturity-model-certification-20-program

Cyber Essentials

https://www.ncsc.gov.uk/cyberessentials/overview

https://iasme.co.uk/

DORA (Digital Operational Resilience Act)

https://www.eiopa.europa.eu/digital-operational-resilience-act-dora_en

Essential Eight

https://www.cyber.gov.au/resources-business-and-government/essential-cyber-security/essential-eight

FADP (Federal Act on Data Protection)

https://www.edoeb.admin.ch/edoeb/en/home/datenschutz/grundlagen/dsfa.html

GDPR (General Data Protection Regulation)

https://gdpr-info.eu/

HIPAA

https://www.hhs.gov/hipaa/for-professionals/security/laws-regulations/index.html

HITRUST

https://hitrustalliance.net/

NIST 171 Rel2

https://csrc.nist.gov/pubs/sp/800/171/r2/upd1/final

NIST 800-53

https://csrc.nist.gov/pubs/sp/800/53/r5/upd1/final

NIST CSF 2.0 (NIST Cybersecurity Framework)

https://www.nist.gov/informative-references

NIS 2

https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX:32022L2555

NYDFS (New York Department of Financial Services)

https://www.dfs.ny.gov/industry_guidance/cybersecurity

PCI-DSS v4.0

https://www.pcisecuritystandards.org/document_library/

WISP IRS

https://www.irs.gov/newsroom/a-written-information-security-plan-protects-tax-pros-and-their-clients

Tap on the Start Assessment button to get started.

image-20240403-212457.png

You will see a table view where any existing assessments will be displayed. This will show the Name, Start Date, Last Updated Date, Completed Date, Status, and an Action menu.

image-20240403-212610.png

To begin a new assessment, click on the +Add button.

image-20240403-212645.png

Give the Assessment a name and save it.

image-20240403-212747.png

The assessment will display the number of sections with their description and the number of questions on the left panel.

image-20240403-212855.png

You can tap on the section name to see the questions. The answers do not have to be completed in any order and can be saved as a ‘draft,’ so you may revisit the assessment many times until it is fully completed.

Tap the upload evidence icon next to any question if you have any supported documents or files to provide.

image-20240403-213050.png
image-20240403-213112.png

After all questions from each section are completed, you will see the status as Completed and can use the Action menu to View/Download your completed assessment.

image-20240403-213542.png

The file will be saved as a standard ZIP folder using the Assessment Name with a date range and time stamp; here is an example completed on April 3rd

image-20240403-213653.png

The folder will contain a Word document and an Excel file with the provided data.

image-20240403-213757.png

Compliance Assessment - Toolbar Options

image-20250210-174344.png

Alerts

View our timeline style of System Events captured for each company. You can set an optional date filter range to target a specific date range of events.

image-20250206-143947.png

Info

Tap here to view your V4 Getting Started Info.

https://cybercns.atlassian.net/wiki/x/MIDKfw

Help Link

image-20250206-144503.png

Click to access the related documentation page; this link is functional on all screens and will take you to the appropriate documentation page.

Layout Settings

Here, you can change the UI look and feel using various options, including the Theme for color, the Scheme for dark and light mode, the Layout for toolbar and module positions, and the toggle to set the table view default.

I prefer the Teal color, Light mode, and Classic layout with an asset table view.

image-20250206-150338.png

Get Support

Our support team is here to help. Use one of three options to start a support request.

  1. Email to support@connectsecure.com

  2. Login to our Freshdesk partner portal at https://cybercns.freshdesk.com

image-20240206-144508.png

Related content