⚠️ JavaScript Required

Hey, you NEED JavaScript for this application to work properly.

RiskTape is a modern web application that requires JavaScript to deliver secure, real-time compliance management features. Please enable JavaScript in your browser settings and reload the page.

‹ Back to Act

Risk / detail

ACME Corp

Encrypt the legacy datastore at rest and rotate keys to the managed KMS

Score impact

+6 posture

Loss avoided (ALE)

$640K

Effort

~2 weeks · Data Engineering

Frameworks satisfied

3

Plan

4 steps

Snapshot + classify records in the legacy datastore
Enable encryption at rest; migrate keys to managed KMS
Rotate keys and verify cipher coverage
Attach KMS config evidence → HIPAA/GDPR/NIST

Closes

Unencrypted patient data in a legacy datastore

View the exposure →

Satisfies — one fix, many frameworks

HIPAA →GDPR →NIST CSF →

Because every control maps through the CSF hub, completing this single action posts evidence to all 3 frameworks at once — no duplicate work.