How to use this review
If you are the CISO, security architect, or risk lead, work through the 26 questions below using CAIQ/SIG responses, VAPT summaries, SOC 2 reports, and architecture diagrams. If you received this link from a colleague managing the BGV evaluation, this is the structured input they need from your domain. Your answers generate a live maturity radar on the right and a prioritised control-gap list once enough domains are scored.