Compliance Status

GOVERN

80%

4 categories, 12 subcategories

IDENTIFY

85%

6 categories, 29 subcategories

PROTECT

82%

6 categories, 39 subcategories

DETECT

70%

3 categories, 18 subcategories

RESPOND

75%

5 categories, 16 subcategories

RECOVER

68%

3 categories, 6 subcategories

NIST CSF Compliance Details

Function Category Subcategory Description Status Evidence Last Updated Actions
IDENTIFY (ID)
Asset Management (ID.AM)
ID ID.AM ID.AM-1 Physical devices and systems inventory Compliant 3 2025-04-10
ID ID.AM ID.AM-2 Software platforms and applications inventory Compliant 2 2025-04-08
ID ID.AM ID.AM-3 Organizational communication and data flows Partially Compliant 1 2025-04-05
ID ID.AM ID.AM-4 External information systems catalog Non-Compliant 0 2025-03-20
Business Environment (ID.BE)
ID ID.BE ID.BE-1 Organization's role in the supply chain Compliant 2 2025-04-02
ID ID.BE ID.BE-2 Organization's place in critical infrastructure Not Applicable 1 2025-03-15
PROTECT (PR)
Identity Management and Access Control (PR.AC)
PR PR.AC PR.AC-1 Identities and credentials are issued, managed, verified, revoked, and audited Partially Compliant 3 2025-04-12
Page 1 of 8

Organizational

85%

37 controls

People

90%

8 controls

Physical

78%

14 controls

Technological

75%

34 controls

Statement of Applicability (SoA)

93
Total Controls
87
Applicable Controls
6
Excluded Controls
82%
Overall Compliance

ISO 27001 Compliance Details

Theme Control ID Control Name Applicable Status Evidence Last Updated Actions
Organizational Controls
Organizational A.5.1 Policies for information security Yes Compliant 4 2025-04-10
Organizational A.5.2 Information security roles and responsibilities Yes Compliant 3 2025-04-08
Organizational A.5.3 Segregation of duties Yes Partially Compliant 2 2025-04-05
People Controls
People A.6.3 Awareness, education and training Yes Compliant 5 2025-04-12
People A.6.4 Disciplinary process Yes Compliant 2 2025-03-30
Page 1 of 5

Integrated Compliance View

This view shows the mapping between NIST CSF and ISO 27001 controls, allowing you to track compliance across both frameworks simultaneously.

Framework Mapping

NIST CSF ISO 27001 Control Description NIST Status ISO Status Evidence Actions
ID.AM-1 A.5.9 Inventory of assets Compliant Compliant 4
ID.BE-1 A.5.4 Organization's role in supply chain Compliant Compliant 2
ID.GV-1 A.5.1 Information security policy Compliant Compliant 3
PR.AC-1 A.5.15 Access control Partially Compliant Partially Compliant 3
PR.AT-1 A.6.3 Security awareness and training Compliant Compliant 5
PR.DS-1 A.5.12 Classification of information Partially Compliant Compliant 2
DE.CM-1 A.8.16 Monitoring activities Non-Compliant Partially Compliant 1
Page 1 of 12