Navigating the Dashboard
The CloudAnzen dashboard is designed to answer one practical question: what needs attention now? It brings together framework readiness, control health, assigned work, evidence freshness, risks, vendor reviews, policy activity, and recent changes so your team can operate from a shared view.
Use the dashboard during weekly compliance reviews, audit preparation, customer security reviews, and leadership updates.
Compliance Score
The compliance score gives you a directional view of readiness across active frameworks. It is not a substitute for an auditor's judgment, but it helps you see whether the program is moving in the right direction.
Use the score to spot trends:
- A rising score usually means owners are closing gaps, evidence is being linked, and validations are passing.
- A flat score may mean work is blocked, controls are waiting for manual review, or evidence is stale.
- A falling score often means new framework scope, failed validations, expired evidence, or integration drift.
Control Health
Control health shows whether mapped controls appear to be operating as expected. This is where compliance work becomes concrete.
- Passing — The control has current evidence and no open blocking issues.
- Failing — A validation, evidence review, or integration signal indicates a problem.
- Needs Review — Evidence or a control decision needs human review.
- Not Started — The control has not been configured, assigned, or evidenced yet.
- Not Applicable — The control has been excluded with a documented justification.
- Is there a named owner?
- Is evidence current?
- Is the control mapped to the right framework requirements?
- Are failures tied to a remediation owner?
- Is the status supported by evidence, or is it just a manual assertion?
Recent Activity
The activity feed shows what changed recently: evidence uploads, policy approvals, validation results, risk updates, vendor reviews, audit comments, and integration syncs. It is useful for spotting movement and for reconstructing what happened during an audit period.
Use recent activity to answer:
- Who changed a control or evidence item?
- Which integrations synced recently?
- Which policies were approved or published?
- Which risks or vendors changed status?
- Which audit requests or findings were updated?
Todo and Assigned Work
The Todo area helps individuals find their own work. Depending on your role, this can include validation ownership, onboarding tasks, evidence requests, policy acknowledgments, access review tasks, or audit request responses.
For admins, Todo is a good way to verify whether owners actually have actionable work. For contributors, it should become the default starting point.
Framework Progress
Framework progress shows readiness by framework, requirement family, or domain. This is useful when you are preparing for a specific audit or customer request.
Look for:
- Domains with many incomplete controls.
- Requirements that depend on manual evidence.
- Shared controls that improve multiple frameworks at once.
- Requirements marked not applicable without a clear justification.
Risk and Vendor Signals
CloudAnzen connects risk and vendor work to compliance readiness. A control might look complete until you notice an untreated risk or overdue vendor review tied to the same area.
During dashboard review, pay attention to:
- Critical or high risks without treatment plans.
- Vendor reviews past their renewal date.
- Vendors missing security documents.
- Risks created from failed validations.
- Audit findings that should be linked to remediation work.
Quick Actions
Use the quick action buttons to:
- Upload evidence.
- Create a risk.
- Assign work to an owner.
- Start an audit.
- Review policies.
- Add or review vendors.
- Open framework progress.
Weekly Dashboard Review
For a practical weekly operating rhythm, review the dashboard in this order:
Reading the Dashboard During Audit Prep
Before an audit, use the dashboard to find gaps that could slow down fieldwork:
- Controls without current evidence.
- Evidence without a clear owner.
- Policies past review date.
- Risks without treatment status.
- Vendors missing recent review.
- Audit requests waiting for assignee response.
- Failed validations that need remediation notes.