ai · security · skills

Sample mastery report

Illustrativeevidence: a seeded worked example, not your organisation’s data and not a measured or certified result.

Initech: Governance, Risk & Assurance practitioner mastery

Where this seat sits on the skills it owns, which gaps still hold the climb, and the curated next skills that close them. Read in a few minutes; act on one gap.

Prepared on
The aisecurityskills personal mastery check
Basis
Cloud Security Alliance (CSA) AI Controls Matrix (AICM) controls · Mythos-style four rungs
Evidence state
Illustrative · fictional organisation
Issued
18 Jul 2026

Small software firm · fictional organisation · illustrative sample

01

The verdict

Early-honest GRA practitioner: a few partial floors; most assurance lines still absent.

Initech's Governance, Risk & Assurance practitioner seat reads 0 implemented · 4 partial · 16 absent across 20 prompts across 6 domains. 20 skills still sit below Implemented — including assuring the AI supply chain. A small firm naming AI in policy while evidence packs that travel are still the climb.

Implemented

0

20 prompts · 6 groups

Partial / Absent

4 · 16

Below optimum on the personal bank

Below target

20

Path still visible

02

The ladder

Four concrete rungs from initial to optimum. Implemented, Partial, and Absent tallies are derived from the same session answers the live mastery check uses.

  1. 0ImplementedAt the personal optimum for that control
  2. 4PartialIn progress - not yet claimable as done
  3. 16AbsentNot practiced or not in place for this seat

This seat's session has no autonomy-gate controls. Climb the open gaps across your function's domains, then prove on the surface below.

03

Next skills

Prescriptions draw only from the curated core skill set via prescribeMasteryGaps. Each closes a derived gap on this seat's session bank.

  1. 01Execution

    Ai Vendor Privacy Due Diligence Art28

    Closes the A&A-02 gap (Commission and steer independent AI assessments): Absent → Partial.

    ai-vendor-privacy-due-diligence-art28

  2. 02Execution

    Generating A Gdpr Article 30 Ropa From System Inventories

    Closes the A&A-03 gap (Plan AI audits by risk, not by calendar): Absent → Partial.

    generating-a-gdpr-article-30-ropa-from-system-inventories

  3. 03Execution

    Vendor Privacy Certification Acceptance

    Closes the A&A-04 gap (Verify AI systems against the requirements that bind them): Absent → Partial.

    vendor-privacy-certification-acceptance

  4. 04Execution

    Collecting Evidence For A Privacy Compliance Audit

    Closes the A&A-05 gap (Run an audit program with AI in scope): Absent → Partial.

    collecting-evidence-for-a-privacy-compliance-audit

  5. 05Execution

    Building Vulnerability Aging And Sla Tracking

    Closes the A&A-06 gap (Drive audit findings on AI systems to closure): Absent → Partial.

    building-vulnerability-aging-and-sla-tracking

04

About this reading

Derived at build time from the Initech GRA practitioner mastery posture through computeMasteryReading: the same Mythos-style four-rung bank every live mastery check uses. Skill prescriptions are drawn only from the curated core set via prescribeMasteryGaps. A bank change re-derives this sample automatically; nothing here is hand-scored.

Initech is a fictional organisation; this reading is illustrative sample data, never a client result. Nothing here is certification.

Run this seat’s live mastery check →