How It Works

Create an Assessment

Choose from industry-standard templates like NIST CSF or build your own. Define groupings, set weightings, add questions, and specify whether evidence is required. Each assessment becomes a snapshot of the template — changes to the template later won't affect active assessments.

Invite Organizations & Teams

Add buyer-side and seller-side organizations to the assessment. Invite team members via email — they'll be guided through signup and onboarding automatically. Assign roles (Admin, Analyst, Reviewer, Viewer) to control who can do what.

Answer the Questionnaire

Sellers (or self-assessors) work through the questionnaire — providing answers, uploading evidence, and marking questions as ready for review. Multiple team members can be assigned to different areas for parallel work.

Review & Score

Buyer-side analysts review each answer and evidence. They can add internal comments (visible only to buyer-side), leave public comments, and accept or decline each question. Risk scores are assigned per question.

Generate Reports

Every assessment produces a live report with overall risk scores, per-grouping breakdowns, an AI-generated executive summary, and a full appendix of all questions, answers, and evidence links. Reports update in real time as the assessment progresses.

Role-Based Access

The right permissions for every team member

Each person on the assessment has a clearly defined role with specific capabilities.

Admin

Buyer or Seller

Edit assessments & questions
Manage team members
Assign organizations
Add follow-up questions

Analyst

Buyer Side Only

Review answers & evidence
Add internal comments
Accept or decline questions
Assign risk scores

Reviewer

Seller Side Only

Provide answers to questions
Upload evidence
Mark questions as answered
Submit for review

Viewer