Skip to main content

How audit-ready is your stack?

A short diagnostic — eight questions drawn at random from a pool of twelve. There are no right or wrong answers. Your score is matched to one of three readiness bands, each with a concrete next step. Nothing leaves your browser; refresh for a different set.

~3 minutesNo trackingPool of 12 · randomised every visitDiagnostic only · not graded
Self-assessment · 8 questions · ~3 minutes · pool of 12 · no tracking · personalised recommendation

How audit-ready is your stack?

  1. 1

    How many compliance frameworks do you actively track?

  2. 2

    How is your team preparing for EU AI Act (Aug 2026 enforcement)?

  3. 3

    How is compliance evidence captured today?

  4. 4

    How is the same control mapped across multiple frameworks?

  5. 5

    What happens when a PR touches a compliance-relevant area (auth, data, AI)?

  6. 6

    If an auditor asked you to replay a compliance decision from 6 months ago, you could:

  7. 7

    How do you detect when production has drifted from declared policy?

  8. 8

    What does your audit trail look like?

How the score works

Each answer carries a weight derived from how much that posture reduces audit risk — drawn from the Compliance-to-Architecture Framework v0.1 spine (L0 Risk → L12 Audit-Pack). Scores normalise to a 0–100 band so the result doesn't depend on which subset of questions you saw. The recommendation is the shortest plausible next step from your band; it isn't a sales pitch.

Want the full picture? The framework page walks the same model end-to-end, and the public spec on GitHub carries the citations.