Company Profile

The organizational scope informs the risk assessment, control selection, and report tailoring.

Company Name

Legal entity name used on the compliance report.

Industry

Number of Employees

Primary Security Owner

Person accountable for the security program.

Security Maturity Level

Self-assessed maturity using a CMM-style scale.

Compliance Goal

Types of Data Handled

Examples: PII, PCI, PHI, intellectual property.

Main Business Systems

Critical systems in scope for the assessment.