Sample mastery report
Illustrativeevidence: a seeded worked example, not your organisation’s data and not a measured or certified result.
Northwind Retail: Security Operations practitioner mastery
Where this seat sits on the skills it owns, which gaps still hold the climb, and the curated next skills that close them. Read in a few minutes; act on one gap.
- Prepared on
- The aisecurityskills personal mastery check
- Basis
- Cloud Security Alliance (CSA) AI Controls Matrix (AICM) controls · Mythos-style four rungs
- Evidence state
- Illustrative · fictional organisation
- Issued
- 18 Jul 2026
Retail · fictional organisation · illustrative sample
The verdict
Mid-seat SecOps practitioner: signature craft across monitoring and response — climbs still open.
Northwind's Security Operations practitioner seat reads 3 implemented · 16 partial · 1 absent across 20 prompts across 3 domains. Monitoring and access habits sit mid; 17 skills still sit below target, including response when AI goes wrong. The climb is day-to-day SecOps craft on the CSA spine.
Implemented
3
20 prompts · 3 groups
Partial / Absent
16 · 1
Below optimum on the personal bank
Below target
17
Personal gate open on at least one autonomy-holding control
The ladder
Four concrete rungs from initial to optimum. Implemented, Partial, and Absent tallies are derived from the same session answers the live mastery check uses.
- 3ImplementedAt the personal optimum for that control
- 16PartialIn progress - not yet claimable as done
- 1AbsentNot practiced or not in place for this seat
Your personal gate is open: at least one autonomy-holding control sits below its target. Close those first; the same controls that gate the org climb.
Next skills
Prescriptions draw only from the curated core skill set via prescribeMasteryGaps. Each closes a derived gap on this seat's session bank.
- 01Judgment
Conducting Phishing Incident Response
Closes the SEF-03 gap (Write response plans for AI incidents): Absent → Partial.
conducting-phishing-incident-response
- 02Judgment
Performing Alert Triage With Elastic Siem
Closes the LOG-02 gap (Protect audit logs from tampering): Partial → Implemented.
performing-alert-triage-with-elastic-siem
- 03Judgment
Analyzing Security Logs With Splunk
Closes the LOG-04 gap (Control who reads the logs, and log that too): Partial → Implemented.
analyzing-security-logs-with-splunk
- 04Judgment
Performing Alert Triage With Elastic Siem
Closes the LOG-05 gap (Respond to what the logs say, on a clock): Partial → Implemented.
performing-alert-triage-with-elastic-siem
- 05Judgment
Configuring Windows Event Logging For Detection
Closes the LOG-06 gap (Keep clocks in sync so timelines hold): Partial → Implemented.
configuring-windows-event-logging-for-detection