overview/ financial services/ financial-services__campus-enterprise__third-party-vendor-access

Financial Services Campus enterprise Third-party vendor accesses an enterprise resource

Single ResolvedScenario, seven views, every honesty marker the resolver emits. Vendor overlay and reader-tier toggles live in the toolbar. 768 in-scope provisions across 8 frameworks.

Trust Flow rail

Topology map

Stack diagram

Coverage heatmap

Maturity overlay (current → Advanced)

Threat overlay (m2m-token-replay)

Vendor substitution: Cloudflare One vs. Zscaler ZTE

Trust Flow rail

Satisfaction distribution

satisfied158 · 20.6%

partial523 · 68.1%

gap87 · 11.3%

pendingEvidence (discretion-capped)293

total in scope768

Frameworks in scope (8)

pci-dss-v4-0-11471524739

cisa-ztmm-v201564108

nist-csf-2-00852157

nydfs-500035029

cisa-cpgs-v2031320

nist-sp-800-2071022013

dora021714

glba-safeguards121513

Diagnostics (14)

gap (6)warn (8)info (0)

discretion-cap · cisa-cpgs-v2

Framework cisa-cpgs-v2: 20 provision(s) with medium/high discretion had full structural coverage but were capped at "partial" pending auditor judgment / explicit evidence.

discretion-cap · cisa-ztmm-v2

Framework cisa-ztmm-v2: 108 provision(s) with medium/high discretion had full structural coverage but were capped at "partial" pending auditor judgment / explicit evidence.

discretion-cap · dora

Framework dora: 14 provision(s) with medium/high discretion had full structural coverage but were capped at "partial" pending auditor judgment / explicit evidence.

discretion-cap · glba-safeguards

Framework glba-safeguards: 13 provision(s) with medium/high discretion had full structural coverage but were capped at "partial" pending auditor judgment / explicit evidence.

discretion-cap · nist-csf-2-0

Framework nist-csf-2-0: 57 provision(s) with medium/high discretion had full structural coverage but were capped at "partial" pending auditor judgment / explicit evidence.

discretion-cap · nist-sp-800-207

Framework nist-sp-800-207: 13 provision(s) with medium/high discretion had full structural coverage but were capped at "partial" pending auditor judgment / explicit evidence.

discretion-cap · nydfs-500

Framework nydfs-500: 29 provision(s) with medium/high discretion had full structural coverage but were capped at "partial" pending auditor judgment / explicit evidence.

discretion-cap · pci-dss-v4-0-1

Framework pci-dss-v4-0-1: 39 provision(s) with medium/high discretion had full structural coverage but were capped at "partial" pending auditor judgment / explicit evidence.

control-uncovered · cisa-cpgs-v2

Framework cisa-cpgs-v2: 3 provision(s) cite fillable Components with no in-scope Equipment filling them — the control class is unrepresented in the scenario stack.

control-uncovered · cisa-ztmm-v2

Framework cisa-ztmm-v2: 4 provision(s) cite fillable Components with no in-scope Equipment filling them — the control class is unrepresented in the scenario stack.

control-uncovered · dora

Framework dora: 7 provision(s) cite fillable Components with no in-scope Equipment filling them — the control class is unrepresented in the scenario stack.

control-uncovered · glba-safeguards

Framework glba-safeguards: 5 provision(s) cite fillable Components with no in-scope Equipment filling them — the control class is unrepresented in the scenario stack.

control-uncovered · nist-csf-2-0

Framework nist-csf-2-0: 21 provision(s) cite fillable Components with no in-scope Equipment filling them — the control class is unrepresented in the scenario stack.

control-uncovered · pci-dss-v4-0-1

Framework pci-dss-v4-0-1: 47 provision(s) cite fillable Components with no in-scope Equipment filling them — the control class is unrepresented in the scenario stack.

Resolved MaturityProfile

IdentityAdvanced

DevicesAdvanced

NetworksAdvanced

ApplicationsAndWorkloadsAdvanced

DataAdvanced

VisibilityAndAnalyticsAdvanced

AutomationAndOrchestrationInitial

GovernanceAdvanced

Static fallback (JavaScript disabled)

All seven views render as static SVGs below. The interactive toolbar (vendor overlay, reader tier) and the right-side honesty panels require JavaScript.