Compliance Requirement Deep Dive
Actionable Deep Dives
Requirements needing action, ordered by severity and backed by source evidence.
Host Firewall Enforcement Partial
A4.1 · Danzel-3.3-A4_1
Do you have firewalls at the boundaries between your organisation's internal networks, laptops, desktops, servers, and the internet?
Why this status: Demo profile shaping: mixed posture scenario produced status Partial.
Action hint: Complete remaining evidence collection from: M365 and close identified control gaps.
| Source | Status | Device/System | Control | Reason | Observed |
|---|---|---|---|---|---|
| NinjaOne-Demo | Partial | Device Group: Rocinante Fleet Endpoints | Host firewall runtime state | Most devices enforce host firewall policy, but 2 field laptops still have public profile exceptions pending review. | 06/07/2026 19:57:44 +00:00 |
| HaloPSA-Demo | Compliant | Change Queue: Firewall Management Access | Documented business requirement for remote firewall administration | Remote firewall administration is ticketed, approved, and linked to a documented operational requirement. | 06/07/2026 19:48:44 +00:00 |
Host Firewall Enforcement Unknown
A4.1.1 · Danzel-3.3-A4_1_1
Do you have software firewalls enabled on all of your computers, laptops and servers?
Why this status: Demo profile shaping: mixed posture scenario produced status Unknown.
Action hint: Integrate or repair evidence feeds from: M365 to establish a defensible status.
| Source | Status | Device/System | Control | Reason | Observed |
|---|---|---|---|---|---|
| NinjaOne-Demo | Partial | Device Group: Rocinante Fleet Endpoints | Host firewall runtime state | Most devices enforce host firewall policy, but 2 field laptops still have public profile exceptions pending review. | 06/07/2026 19:57:44 +00:00 |
| HaloPSA-Demo | Compliant | Change Queue: Firewall Management Access | Documented business requirement for remote firewall administration | Remote firewall administration is ticketed, approved, and linked to a documented operational requirement. | 06/07/2026 19:48:44 +00:00 |
Host Firewall Enforcement Partial
A4.2 · Danzel-3.3-A4_2
When you first receive an internet router or hardware firewall device, it may have had a default password on it. Have you changed all the default passwords on your boundary firewall devices?
Why this status: Demo profile shaping: mixed posture scenario produced status Partial.
Action hint: Complete remaining evidence collection from: M365 and close identified control gaps.
| Source | Status | Device/System | Control | Reason | Observed |
|---|---|---|---|---|---|
| NinjaOne-Demo | Partial | Device Group: Rocinante Fleet Endpoints | Host firewall runtime state | Most devices enforce host firewall policy, but 2 field laptops still have public profile exceptions pending review. | 06/07/2026 19:57:44 +00:00 |
| HaloPSA-Demo | Compliant | Change Queue: Firewall Management Access | Documented business requirement for remote firewall administration | Remote firewall administration is ticketed, approved, and linked to a documented operational requirement. | 06/07/2026 19:48:44 +00:00 |
Host Firewall Enforcement Unknown
A4.2.1 · Danzel-3.3-A4_2_1
Please describe the process for changing your firewall password.
Why this status: Demo profile shaping: mixed posture scenario produced status Unknown.
Action hint: Integrate or repair evidence feeds from: M365 to establish a defensible status.
| Source | Status | Device/System | Control | Reason | Observed |
|---|---|---|---|---|---|
| NinjaOne-Demo | Partial | Device Group: Rocinante Fleet Endpoints | Host firewall runtime state | Most devices enforce host firewall policy, but 2 field laptops still have public profile exceptions pending review. | 06/07/2026 19:57:44 +00:00 |
| HaloPSA-Demo | Compliant | Change Queue: Firewall Management Access | Documented business requirement for remote firewall administration | Remote firewall administration is ticketed, approved, and linked to a documented operational requirement. | 06/07/2026 19:48:44 +00:00 |
Host Firewall Enforcement Partial
A4.4 · Danzel-3.3-A4_4
Do you change your firewall password when you know or suspect it has been compromised?
Why this status: Demo profile shaping: mixed posture scenario produced status Partial.
Action hint: Complete remaining evidence collection from: M365 and close identified control gaps.
| Source | Status | Device/System | Control | Reason | Observed |
|---|---|---|---|---|---|
| NinjaOne-Demo | Partial | Device Group: Rocinante Fleet Endpoints | Host firewall runtime state | Most devices enforce host firewall policy, but 2 field laptops still have public profile exceptions pending review. | 06/07/2026 19:57:44 +00:00 |
| HaloPSA-Demo | Compliant | Change Queue: Firewall Management Access | Documented business requirement for remote firewall administration | Remote firewall administration is ticketed, approved, and linked to a documented operational requirement. | 06/07/2026 19:48:44 +00:00 |
Host Firewall Enforcement Unknown
A4.5 · Danzel-3.3-A4_5
Do you have a process to manage your firewall?
Why this status: Demo profile shaping: mixed posture scenario produced status Unknown.
Action hint: Integrate or repair evidence feeds from: M365 to establish a defensible status.
| Source | Status | Device/System | Control | Reason | Observed |
|---|---|---|---|---|---|
| NinjaOne-Demo | Partial | Device Group: Rocinante Fleet Endpoints | Host firewall runtime state | Most devices enforce host firewall policy, but 2 field laptops still have public profile exceptions pending review. | 06/07/2026 19:57:44 +00:00 |
| HaloPSA-Demo | Compliant | Change Queue: Firewall Management Access | Documented business requirement for remote firewall administration | Remote firewall administration is ticketed, approved, and linked to a documented operational requirement. | 06/07/2026 19:48:44 +00:00 |
Host Firewall Enforcement Partial
A4.7 · Danzel-3.3-FW-1
Are host firewalls enabled and configured to block unauthorized inbound network connections on supported endpoints?
Why this status: Demo profile shaping: mixed posture scenario produced status Partial.
Action hint: Complete remaining evidence collection from: M365 and close identified control gaps.
| Source | Status | Device/System | Control | Reason | Observed |
|---|---|---|---|---|---|
| NinjaOne-Demo | Partial | Device Group: Rocinante Fleet Endpoints | Host firewall runtime state | Most devices enforce host firewall policy, but 2 field laptops still have public profile exceptions pending review. | 06/07/2026 19:57:44 +00:00 |
| HaloPSA-Demo | Compliant | Change Queue: Firewall Management Access | Documented business requirement for remote firewall administration | Remote firewall administration is ticketed, approved, and linked to a documented operational requirement. | 06/07/2026 19:48:44 +00:00 |
Host Firewall Enforcement Unknown
A4.8 · Danzel-3.3-A4_8
Please describe how you approve and document your allowed inbound connections.
Why this status: Demo profile shaping: mixed posture scenario produced status Unknown.
Action hint: Integrate or repair evidence feeds from: M365 to establish a defensible status.
| Source | Status | Device/System | Control | Reason | Observed |
|---|---|---|---|---|---|
| NinjaOne-Demo | Partial | Device Group: Rocinante Fleet Endpoints | Host firewall runtime state | Most devices enforce host firewall policy, but 2 field laptops still have public profile exceptions pending review. | 06/07/2026 19:57:44 +00:00 |
| HaloPSA-Demo | Compliant | Change Queue: Firewall Management Access | Documented business requirement for remote firewall administration | Remote firewall administration is ticketed, approved, and linked to a documented operational requirement. | 06/07/2026 19:48:44 +00:00 |
Host Firewall Enforcement Partial
A4.10 · Danzel-3.3-A4_10
If you answered yes in question A4.9, is there a documented business requirement for this access?
Why this status: Demo profile shaping: mixed posture scenario produced status Partial.
Action hint: Complete remaining evidence collection from: M365 and close identified control gaps.
| Source | Status | Device/System | Control | Reason | Observed |
|---|---|---|---|---|---|
| NinjaOne-Demo | Partial | Device Group: Rocinante Fleet Endpoints | Host firewall runtime state | Most devices enforce host firewall policy, but 2 field laptops still have public profile exceptions pending review. | 06/07/2026 19:57:44 +00:00 |
| HaloPSA-Demo | Compliant | Change Queue: Firewall Management Access | Documented business requirement for remote firewall administration | Remote firewall administration is ticketed, approved, and linked to a documented operational requirement. | 06/07/2026 19:48:44 +00:00 |
Host Firewall Enforcement Unknown
A4.11 · Danzel-3.3-A4_11
If you answered yes in question A4.9, is the access to your firewall settings protected by either multi-factor authentication or by only allowing trusted IP addresses combined with managed authentication to access the settings?
Why this status: Demo profile shaping: mixed posture scenario produced status Unknown.
Action hint: Integrate or repair evidence feeds from: M365 to establish a defensible status.
| Source | Status | Device/System | Control | Reason | Observed |
|---|---|---|---|---|---|
| NinjaOne-Demo | Partial | Device Group: Rocinante Fleet Endpoints | Host firewall runtime state | Most devices enforce host firewall policy, but 2 field laptops still have public profile exceptions pending review. | 06/07/2026 19:57:44 +00:00 |
| HaloPSA-Demo | Compliant | Change Queue: Firewall Management Access | Documented business requirement for remote firewall administration | Remote firewall administration is ticketed, approved, and linked to a documented operational requirement. | 06/07/2026 19:48:44 +00:00 |
Secure Configuration Baseline Partial
A5.2 · Danzel-3.3-SC-1
Are systems and identities configured to an approved secure baseline with unnecessary features disabled?
Why this status: Demo profile shaping: mixed posture scenario produced status Partial.
Action hint: Complete remaining evidence collection from: M365, NinjaOne and close identified control gaps.
No direct evidence records were returned for this requirement.
Secure Configuration Baseline Unknown
A5.3 · Danzel-3.3-A5_3
Have you changed the default password for all user and administrator accounts on all your desktop computers, laptops, thin clients, servers, tablets and mobile phones?
Why this status: Demo profile shaping: mixed posture scenario produced status Unknown.
Action hint: Integrate or repair evidence feeds from: M365, NinjaOne to establish a defensible status.
No direct evidence records were returned for this requirement.
Secure Configuration Baseline Partial
A5.5 · Danzel-3.3-A5_5
If yes to question A5.4, which authentication option do you use?
Why this status: Demo profile shaping: mixed posture scenario produced status Partial.
Action hint: Complete remaining evidence collection from: M365, NinjaOne and close identified control gaps.
No direct evidence records were returned for this requirement.
Secure Configuration Baseline Unknown
A5.6 · Danzel-3.3-A5_6
Describe the process in place for changing passwords on your external services when you believe they have been compromised.
Why this status: Demo profile shaping: mixed posture scenario produced status Unknown.
Action hint: Integrate or repair evidence feeds from: M365, NinjaOne to establish a defensible status.
No direct evidence records were returned for this requirement.
Secure Configuration Baseline Partial
A5.8 · Danzel-3.3-A5_8
Have you disabled any feature which allows automatic file execution of downloaded or imported files without user authorisation?
Why this status: Demo profile shaping: mixed posture scenario produced status Partial.
Action hint: Complete remaining evidence collection from: M365, NinjaOne and close identified control gaps.
No direct evidence records were returned for this requirement.
Secure Configuration Baseline Unknown
A5.9 · Danzel-3.3-A5_9
When a device requires a user to be present, do you set a locking mechanism on your devices to access the software and services installed?
Why this status: Demo profile shaping: mixed posture scenario produced status Unknown.
Action hint: Integrate or repair evidence feeds from: M365, NinjaOne to establish a defensible status.
No direct evidence records were returned for this requirement.
Security Update Currency Partial
A6.1 · Danzel-3.3-A6_1
Are all operating systems on your devices supported by a vendor that produces regular security updates and vulnerability fixes?
Why this status: Demo profile shaping: mixed posture scenario produced status Partial.
Action hint: Close open control exceptions and re-verify evidence to move this requirement to compliant.
| Source | Status | Device/System | Control | Reason | Observed |
|---|---|---|---|---|---|
| HaloPSA-Demo | Partial | Patch Queue: Belt Relay Endpoints | Patch SLA workflow | Four tracked items exceeded the agreed remediation window. | 06/07/2026 20:00:44 +00:00 |
| M365-Intune-Demo | Partial | Intune Update Compliance: Fleet Tablets | Windows quality update cadence | Five tablets are outside update deployment deadline and pending restart completion. | 06/07/2026 19:39:44 +00:00 |
| NinjaOne-Demo | Partial | Devices: Belt Fleet Tablets (5) | Patch compliance window | Unmanaged tablets are outside the required patch SLA window. | 06/07/2026 19:30:44 +00:00 |
Security Update Currency Unknown
A6.2 · Danzel-3.3-A6_2
Is all the software on your devices supported by a supplier that produces regular vulnerability fixes for any security problems?
Why this status: Demo profile shaping: mixed posture scenario produced status Unknown.
Action hint: Investigate incomplete evidence records and confirm control telemetry collection for this requirement.
| Source | Status | Device/System | Control | Reason | Observed |
|---|---|---|---|---|---|
| HaloPSA-Demo | Partial | Patch Queue: Belt Relay Endpoints | Patch SLA workflow | Four tracked items exceeded the agreed remediation window. | 06/07/2026 20:00:44 +00:00 |
| M365-Intune-Demo | Partial | Intune Update Compliance: Fleet Tablets | Windows quality update cadence | Five tablets are outside update deployment deadline and pending restart completion. | 06/07/2026 19:39:44 +00:00 |
| NinjaOne-Demo | Partial | Devices: Belt Fleet Tablets (5) | Patch compliance window | Unmanaged tablets are outside the required patch SLA window. | 06/07/2026 19:30:44 +00:00 |
Security Update Currency Partial
A6.2.2 · Danzel-3.3-A6_2_2
Please list your malware protection software.
Why this status: Demo profile shaping: mixed posture scenario produced status Partial.
Action hint: Close open control exceptions and re-verify evidence to move this requirement to compliant.
| Source | Status | Device/System | Control | Reason | Observed |
|---|---|---|---|---|---|
| HaloPSA-Demo | Partial | Patch Queue: Belt Relay Endpoints | Patch SLA workflow | Four tracked items exceeded the agreed remediation window. | 06/07/2026 20:00:44 +00:00 |
| M365-Intune-Demo | Partial | Intune Update Compliance: Fleet Tablets | Windows quality update cadence | Five tablets are outside update deployment deadline and pending restart completion. | 06/07/2026 19:39:44 +00:00 |
| NinjaOne-Demo | Partial | Devices: Belt Fleet Tablets (5) | Patch compliance window | Unmanaged tablets are outside the required patch SLA window. | 06/07/2026 19:30:44 +00:00 |
Security Update Currency Unknown
A6.2.3 · Danzel-3.3-A6_2_3
Please list your email applications installed on end user devices and servers.
Why this status: Demo profile shaping: mixed posture scenario produced status Unknown.
Action hint: Investigate incomplete evidence records and confirm control telemetry collection for this requirement.
| Source | Status | Device/System | Control | Reason | Observed |
|---|---|---|---|---|---|
| HaloPSA-Demo | Partial | Patch Queue: Belt Relay Endpoints | Patch SLA workflow | Four tracked items exceeded the agreed remediation window. | 06/07/2026 20:00:44 +00:00 |
| M365-Intune-Demo | Partial | Intune Update Compliance: Fleet Tablets | Windows quality update cadence | Five tablets are outside update deployment deadline and pending restart completion. | 06/07/2026 19:39:44 +00:00 |
| NinjaOne-Demo | Partial | Devices: Belt Fleet Tablets (5) | Patch compliance window | Unmanaged tablets are outside the required patch SLA window. | 06/07/2026 19:30:44 +00:00 |
Unsupported Software Remediation Partial
A6.3 · Danzel-3.3-A6_3
Are any of the in-scope software or cloud services unlicensed or unsupported?
Why this status: Demo profile shaping: mixed posture scenario produced status Partial.
Action hint: Complete remaining evidence collection from: HaloPSA, M365 and close identified control gaps.
| Source | Status | Device/System | Control | Reason | Observed |
|---|---|---|---|---|---|
| NinjaOne-Demo | Compliant | Device Group: Rocinante Mission Hosts | Unsupported software inventory | No unsupported software detected in current inventory baseline. | 06/07/2026 19:08:44 +00:00 |
Unsupported Software Remediation Unknown
A6.3.1/A6.6/A6.7 · Danzel-3.3-SUM-2
Is unsupported or end-of-life software identified and remediated with accountable ownership?
Why this status: Demo profile shaping: mixed posture scenario produced status Unknown.
Action hint: Integrate or repair evidence feeds from: HaloPSA, M365 to establish a defensible status.
| Source | Status | Device/System | Control | Reason | Observed |
|---|---|---|---|---|---|
| NinjaOne-Demo | Compliant | Device Group: Rocinante Mission Hosts | Unsupported software inventory | No unsupported software detected in current inventory baseline. | 06/07/2026 19:08:44 +00:00 |
Security Update Currency Partial
A6.4.1 · Danzel-3.3-A6_4_1
Are all updates applied for operating systems by enabling auto updates?
Why this status: Demo profile shaping: mixed posture scenario produced status Partial.
Action hint: Close open control exceptions and re-verify evidence to move this requirement to compliant.
| Source | Status | Device/System | Control | Reason | Observed |
|---|---|---|---|---|---|
| HaloPSA-Demo | Partial | Patch Queue: Belt Relay Endpoints | Patch SLA workflow | Four tracked items exceeded the agreed remediation window. | 06/07/2026 20:00:44 +00:00 |
| M365-Intune-Demo | Partial | Intune Update Compliance: Fleet Tablets | Windows quality update cadence | Five tablets are outside update deployment deadline and pending restart completion. | 06/07/2026 19:39:44 +00:00 |
| NinjaOne-Demo | Partial | Devices: Belt Fleet Tablets (5) | Patch compliance window | Unmanaged tablets are outside the required patch SLA window. | 06/07/2026 19:30:44 +00:00 |
Security Update Currency Unknown
A6.4.2 · Danzel-3.3-A6_4_2
Where auto updates are not being used, how do you ensure all high-risk or critical security updates and vulnerability fixes of all operating systems and firmware on firewalls and routers are applied within 14 days of release?
Why this status: Demo profile shaping: mixed posture scenario produced status Unknown.
Action hint: Investigate incomplete evidence records and confirm control telemetry collection for this requirement.
| Source | Status | Device/System | Control | Reason | Observed |
|---|---|---|---|---|---|
| HaloPSA-Demo | Partial | Patch Queue: Belt Relay Endpoints | Patch SLA workflow | Four tracked items exceeded the agreed remediation window. | 06/07/2026 20:00:44 +00:00 |
| M365-Intune-Demo | Partial | Intune Update Compliance: Fleet Tablets | Windows quality update cadence | Five tablets are outside update deployment deadline and pending restart completion. | 06/07/2026 19:39:44 +00:00 |
| NinjaOne-Demo | Partial | Devices: Belt Fleet Tablets (5) | Patch compliance window | Unmanaged tablets are outside the required patch SLA window. | 06/07/2026 19:30:44 +00:00 |
Security Update Currency Partial
A6.5.2 · Danzel-3.3-A6_5_2
Where auto updates are not being used, how do you ensure all high-risk or critical security updates of all applications are applied within 14 days of release?
Why this status: Demo profile shaping: mixed posture scenario produced status Partial.
Action hint: Close open control exceptions and re-verify evidence to move this requirement to compliant.
| Source | Status | Device/System | Control | Reason | Observed |
|---|---|---|---|---|---|
| HaloPSA-Demo | Partial | Patch Queue: Belt Relay Endpoints | Patch SLA workflow | Four tracked items exceeded the agreed remediation window. | 06/07/2026 20:00:44 +00:00 |
| M365-Intune-Demo | Partial | Intune Update Compliance: Fleet Tablets | Windows quality update cadence | Five tablets are outside update deployment deadline and pending restart completion. | 06/07/2026 19:39:44 +00:00 |
| NinjaOne-Demo | Partial | Devices: Belt Fleet Tablets (5) | Patch compliance window | Unmanaged tablets are outside the required patch SLA window. | 06/07/2026 19:30:44 +00:00 |
Privileged Account Separation Unknown
A7.1 · Danzel-3.3-A7_1
Are your users only provided with user accounts after a process has been followed to approve their creation? Describe the process.
Why this status: Demo profile shaping: mixed posture scenario produced status Unknown.
Action hint: Investigate incomplete evidence records and confirm control telemetry collection for this requirement.
| Source | Status | Device/System | Control | Reason | Observed |
|---|---|---|---|---|---|
| M365-Demo | Partial | Tenant: Rocinante Operations | Privileged account separation | Two shared admin/user identities remain in active use. | 06/07/2026 19:43:44 +00:00 |
Privileged Account Separation Partial
A7.3 · Danzel-3.3-A7_3
How do you ensure you have deleted, or disabled, any accounts for staff who are no longer with your organisation?
Why this status: Demo profile shaping: mixed posture scenario produced status Partial.
Action hint: Close open control exceptions and re-verify evidence to move this requirement to compliant.
| Source | Status | Device/System | Control | Reason | Observed |
|---|---|---|---|---|---|
| M365-Demo | Partial | Tenant: Rocinante Operations | Privileged account separation | Two shared admin/user identities remain in active use. | 06/07/2026 19:43:44 +00:00 |
Privileged Account Separation Unknown
A7.4 · Danzel-3.3-A7_4
Do you ensure that staff only have the access privileges that they need to do their current job? How do you do this?
Why this status: Demo profile shaping: mixed posture scenario produced status Unknown.
Action hint: Investigate incomplete evidence records and confirm control telemetry collection for this requirement.
| Source | Status | Device/System | Control | Reason | Observed |
|---|---|---|---|---|---|
| M365-Demo | Partial | Tenant: Rocinante Operations | Privileged account separation | Two shared admin/user identities remain in active use. | 06/07/2026 19:43:44 +00:00 |
Privileged Account Separation Partial
A7.6 · Danzel-3.3-UAC-1
Are administrative accounts separate from standard user accounts and used only for administrative tasks?
Why this status: Demo profile shaping: mixed posture scenario produced status Partial.
Action hint: Close open control exceptions and re-verify evidence to move this requirement to compliant.
| Source | Status | Device/System | Control | Reason | Observed |
|---|---|---|---|---|---|
| M365-Demo | Partial | Tenant: Rocinante Operations | Privileged account separation | Two shared admin/user identities remain in active use. | 06/07/2026 19:43:44 +00:00 |
Privileged Account Separation Unknown
A7.7 · Danzel-3.3-A7_7
How does your organisation prevent administrator accounts from being used to carry out everyday tasks like browsing the web or accessing email?
Why this status: Demo profile shaping: mixed posture scenario produced status Unknown.
Action hint: Investigate incomplete evidence records and confirm control telemetry collection for this requirement.
| Source | Status | Device/System | Control | Reason | Observed |
|---|---|---|---|---|---|
| M365-Demo | Partial | Tenant: Rocinante Operations | Privileged account separation | Two shared admin/user identities remain in active use. | 06/07/2026 19:43:44 +00:00 |
Privileged Account Separation Partial
A7.9 · Danzel-3.3-A7_9
Do you review who should have administrative access on a regular basis?
Why this status: Demo profile shaping: mixed posture scenario produced status Partial.
Action hint: Close open control exceptions and re-verify evidence to move this requirement to compliant.
| Source | Status | Device/System | Control | Reason | Observed |
|---|---|---|---|---|---|
| M365-Demo | Partial | Tenant: Rocinante Operations | Privileged account separation | Two shared admin/user identities remain in active use. | 06/07/2026 19:43:44 +00:00 |
Privileged Account Separation Unknown
A7.10 · Danzel-3.3-A7_10
Where you have systems that require passwords (or where passwords are a backup for a passwordless system), how are they protected from brute-force attacks?
Why this status: Demo profile shaping: mixed posture scenario produced status Unknown.
Action hint: Investigate incomplete evidence records and confirm control telemetry collection for this requirement.
| Source | Status | Device/System | Control | Reason | Observed |
|---|---|---|---|---|---|
| M365-Demo | Partial | Tenant: Rocinante Operations | Privileged account separation | Two shared admin/user identities remain in active use. | 06/07/2026 19:43:44 +00:00 |
Privileged Account Separation Partial
A7.12 · Danzel-3.3-A7_12
Please explain how you encourage people to use unique and strong passwords.
Why this status: Demo profile shaping: mixed posture scenario produced status Partial.
Action hint: Close open control exceptions and re-verify evidence to move this requirement to compliant.
| Source | Status | Device/System | Control | Reason | Observed |
|---|---|---|---|---|---|
| M365-Demo | Partial | Tenant: Rocinante Operations | Privileged account separation | Two shared admin/user identities remain in active use. | 06/07/2026 19:43:44 +00:00 |
Privileged Account Separation Unknown
A7.13 · Danzel-3.3-A7_13
Do you have a process for when you believe the passwords or accounts have been compromised?
Why this status: Demo profile shaping: mixed posture scenario produced status Unknown.
Action hint: Investigate incomplete evidence records and confirm control telemetry collection for this requirement.
| Source | Status | Device/System | Control | Reason | Observed |
|---|---|---|---|---|---|
| M365-Demo | Partial | Tenant: Rocinante Operations | Privileged account separation | Two shared admin/user identities remain in active use. | 06/07/2026 19:43:44 +00:00 |
MFA for Privileged and Cloud Access Partial
A7.15 · Danzel-3.3-A7_15
If you have answered no to question A7.14, please provide a list of your cloud services that do not provide any option for MFA.
Why this status: Demo profile shaping: mixed posture scenario produced status Partial.
Action hint: Complete remaining evidence collection from: M365 and close identified control gaps.
No direct evidence records were returned for this requirement.
MFA for Privileged and Cloud Access Unknown
A7.16 · Danzel-3.3-A7_16
Has MFA been applied to all administrators of your cloud services, excluding any listed in A7.15 that do not provide it?
Why this status: Demo profile shaping: mixed posture scenario produced status Unknown.
Action hint: Integrate or repair evidence feeds from: M365 to establish a defensible status.
No direct evidence records were returned for this requirement.
Endpoint Malware Protection Partial
A8.1 · Danzel-3.3-MP-1
Is anti-malware protection enabled on supported devices with current signatures and active monitoring?
Why this status: Demo profile shaping: mixed posture scenario produced status Partial.
Action hint: Complete remaining evidence collection from: M365, NinjaOne and close identified control gaps.
No direct evidence records were returned for this requirement.
Malware Incident Handling Unknown
A8.2/A8.3 · Danzel-3.3-MP-2
Are malware detections investigated and resolved through a documented incident workflow?
Why this status: Demo profile shaping: mixed posture scenario produced status Unknown.
Action hint: Integrate or repair evidence feeds from: HaloPSA, NinjaOne to establish a defensible status.
No direct evidence records were returned for this requirement.
Endpoint Malware Protection Partial
A8.5 · Danzel-3.3-A8_5
If Option B has been selected: where you use an app-store or application signing, do you ensure users only install applications approved by your organisation and maintain that approved list?
Why this status: Demo profile shaping: mixed posture scenario produced status Partial.
Action hint: Complete remaining evidence collection from: M365, NinjaOne and close identified control gaps.
No direct evidence records were returned for this requirement.
Informational Deep Dives
These controls are compliant or not applicable, but you can still expand each one for the evidence trail and open the related evidence view.
Secure Configuration Baseline 2 assessments
Covered questions: A5.4; A5.7
Why it appears here: Demo profile shaping: mixed posture scenario produced status Compliant.
Evidence: Record-level evidence is available in Evidence Explorer for this control.
MFA for Privileged and Cloud Access 2 assessments
Covered questions: A7.14; A7.17
Why it appears here: Demo profile shaping: mixed posture scenario produced status Compliant.
Evidence: Record-level evidence is available in Evidence Explorer for this control.