You are the cybersecurity GRC analyst preparing the surveillance audit for your ISO 27001:2022 certification. The auditor sent a sample of 18 controls (drawn from Annex A) for which they want evidence. You have 5 days to deliver.
An LLM search tool indexes your policy library, IT ticket system, change-management records, and risk register. For each control, it proposes the strongest candidate evidence with citations. Your job is to verify that each citation actually demonstrates the control, fill gaps where the evidence is thin, and reject hallucinated citations.
This scenario tests GRC tradecraft, evidence-bar discipline, and the use of LLM search as a research accelerator without trusting it as the auditor's eye. Sources: ISO/IEC 27001:2022, NIST CSF 2.0 GV.RR (Roles and Responsibilities), NIST SP 800-53A.
One ordered pass through every step. No clock. Each answer scores against the canonical solution.
Hints reduce the points you can earn for that step. Free-text steps queue for manual review.