⬡ CONCEPT PROTOTYPE · INDEPENDENT VENTURE · NOT AFFILIATED WITH ANY EMPLOYER ControlPlanIQ LLC · Early-Stage · Demo Only
Executive Overview
35 applications monitored · Last sync: Mar 8, 2026 · 07:14 EST
Portfolio Risk Score
64.2
↑ +3.1 from last quarter
Applications Monitored
35
◈ 8 critical-tier · 14 high
SaaS Annual Spend
$4.7M
↓ $620K redundancy flagged
Open Risk Signals
18
↑ 5 critical unaddressed
Application Risk Register
Sorted by composite risk score · Read-only ingestion
Application Category Risk Tier Control Score Frameworks
Workday HCM
HR Technology
 HR / Workforce ● High
71
SOC2 ISO
Salesforce CRM
Sales & HR Ops
 CRM / Data ● High
68
NIST SOC2
ServiceNow ITSM
IT Governance
 ITSM ◒ Medium
82
ITIL ISO
Veeva Vault
Compliance
 Compliance / GRC ● High
54
FFIEC
DocuSign eSign
Legal / Ops
 Workflow ✓ Low
91
SOC2 NIST
Okta SSO
Identity & Access
 Identity ● Critical
47
NIST NYDFS
Splunk SIEM
Security Operations
 Security ◒ Medium
78
NIST FFIEC
Portfolio Risk Score
Composite · Weighted effectiveness model
64.2
Moderate–Elevated Risk
0–40 Low
41–70 Mod
71+ High
Framework Alignment
Portfolio coverage average
NIST CSF
67%
ISO 27001
81%
FFIEC
52%
NYDFS
44%
SaaS Spend by Category
Annualized · Utilization-weighted · $4.7M total
HR / Workforce
$1.42M
Security
$960K
CRM / Sales
$820K
Collaboration
$610K
Compliance / GRC
$490K
ITSM
$420K
Redundancy flagged across 7 applications
$620K at risk
Active Risk Signals
18 open · 5 require immediate attention
5 Critical
Okta SSO — MFA enforcement gap detected across 3 critical applications. Identity control score below threshold (47).
Identity · NYDFS §500.12 · Flagged Mar 6, 2026
Veeva Vault — Annual vendor attestation overdue by 47 days. FFIEC compliance coverage at 52%.
Compliance · FFIEC · Flagged Feb 18, 2026
Workday HCM — Data residency confirmation pending for EU payroll module. SOC 2 Type II report expired.
Data Governance · ISO 27001 · Flagged Mar 1, 2026
Collaboration Suite (×3) — Overlapping functionality identified. Combined spend: $210K. Rationalization recommended.
Cost Optimization · Spend Analysis · Mar 8, 2026
ServiceNow — New NIST CSF 2.0 crosswalk available. Current alignment may improve from 67% → 74% with mapping update.
Framework Update · NIST CSF 2.0 · Mar 5, 2026
ControlPlanIQ LLC  ·  Independent venture · No employer affiliation  ·  Read-only intelligence layer  ·  Vendor-agnostic  ·  Framework-aligned: NIST · ISO · FFIEC · NYDFS POC v0.1 · Concept Prototype