Compliance Evidence Receipt
Every assessment generates a cryptographically sealed, multi-framework evidence receipt. Here is what one looks like.
Compliance Evidence Receipt
SHA-256 Verified
Assessment ID
CHR-2026-03-10-0047
Domain
salesforce.com
Assessment Timestamp
2026-03-10T14:32:07Z
Report Generated
2026-03-10T14:32:09Z
Sources Checked
26
Engine Version
v2.4
Overall Risk Score
22
/100
Critical Risk — Immediate remediation recommended
SHA-256 Integrity Hash
a1b2c3d4e5f67890abcdef1234567890abcdef1234567890abcdef1234567890
Framework Mappings
| Framework | Controls Satisfied |
|---|---|
| SOC 2 | CC7.1CC7.2CC8.1 |
| ISO 27001:2022 | A.12.1.2A.12.6.1A.18.2.3 |
| PCI-DSS | Req 6.3Req 6.5Req 11.2 |
| NIST CSF v2.0 | ID.RA-1PR.IP-12DE.CM-8 |
| SOX | ITGC-ChangeITGC-Access |
Dimension Scores
Certificate Health
88
DNS & TLS
91
Vulnerability
12
Threat Intel
34
Supply Chain
28
Compliance
45
Verification: This evidence receipt was generated contemporaneously with the assessment at 2026-03-10T14:32:09Z. The SHA-256 hash guarantees immutability. Any modification to the underlying data will produce a different hash, invalidating the receipt. Retention policy: 7 years.
Every Assessment. Every Framework. Zero Manual Work.
ComplianceHarbor generates SHA-256 sealed evidence receipts automatically for every risk assessment, mapped to SOC 2, ISO 27001, PCI-DSS, NIST CSF, and SOX controls.