LiStDan Finance | End-to-End GRC Risk Assessment
ISO 27001:2022 · NIST CSF v1.1 · GDPR · SHIELD Framework
Assessment Period: 18 April 2026 – 18 May 2026
This portfolio documents a full-cycle GRC risk assessment conducted for LiStDan Finance, a California-based digital payments platform processing real-time transactions for 100,000 active users. The engagement covered Azure-hosted infrastructure, eight third-party vendor relationships, and the company's full data processing landscape across ISO 27001:2022, NIST CSF v1.1, and GDPR. All twelve deliverables were completed across a 30-day assessment period using the SHIELD Framework — a structured six-stage GRC methodology designed for fintech and SaaS environments.

| Field | Detail |
|---|---|
| Client | LiStDan Finance |
| Industry | Fintech — Digital Payments |
| Assessment Period | 18 April 2026 – 18 May 2026 |
| Frameworks | ISO 27001:2022, NIST CSF v1.1, GDPR |
| Methodology | SHIELD Framework (designed by Stephanie Uzama) |
| Total Findings | 36 |
| Overall Compliance | LOW — 0 controls fully compliant at assessment date |
| Deliverables Produced | 12 |
| Engagement Status | Closed — 18 May 2026 |

Business context, engagement summary, and team structure.
🧭 02 | Methodology — SHIELD Framework
How the SHIELD Framework was designed and applied in this engagement.
What was assessed, what was excluded, and why.
Stage-by-stage breakdown of how the engagement was executed.
📊 05 | Risk and Findings Picture
Compliance statistics, highest-risk domains, and priority findings.