Special Review Modes (Quick Assessment & Risk Scoring)
Quick Assessment Mode (≈20 high-priority checks)
- Root/owner account lockdown; SSO + phishing-resistant MFA for admins.
- Public storage exposure blocks; logging export & retention; CSPM enabled.
- API gateway deny-by-default; mTLS between services; rate limiting on auth flows.
- K8s admission enforcing PSS; signed images; default-deny NetworkPolicies.
- Key management: CMKs held in an HSM with rotation; separation of duties (SoD); BYOK/HYOK where applicable.
Risk Scoring (Likelihood × Impact)
Score each control from 1–5 for Likelihood and for Impact. Prioritize remediation by descending product (L×I), and break ties by feasibility and blast radius.
- Likelihood factors: exposure (internet-facing?), ease of exploit, deterrents already in place (MFA, mTLS).
- Impact factors: data sensitivity, privilege level, lateral movement potential, compliance.
- Elevate to urgent if (L×I ≥ 16) or if regulatory obligations require immediate action.
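The scoring rule above, worked as an added example (not part of the original checklist): controls are scored L×I, sorted by descending product, ties are broken by feasibility and blast radius, and anything at or above 16 or under a regulatory obligation is flagged urgent. The sample findings are constructed from the Quick Assessment checks, and the tie-break direction (easiest fix first, then widest blast radius first) is an assumption, since the text does not specify it.

```python
from dataclasses import dataclass

URGENT_THRESHOLD = 16  # L×I at or above this value is urgent (scoring rule above)


@dataclass(frozen=True)
class Control:
    name: str
    likelihood: int           # 1-5: exposure, ease of exploit, deterrents in place
    impact: int               # 1-5: data sensitivity, privilege, lateral movement, compliance
    feasibility: int          # 1-5, higher = easier to remediate (assumed tie-break scale)
    blast_radius: int         # 1-5, higher = wider blast radius (assumed tie-break scale)
    regulatory: bool = False  # a regulatory obligation requires immediate action


def risk_score(c: Control) -> int:
    """Likelihood × Impact; both factors must be on the 1-5 scale."""
    for label, v in (("likelihood", c.likelihood), ("impact", c.impact)):
        if not 1 <= v <= 5:
            raise ValueError(f"{c.name}: {label}={v} is outside the 1-5 scale")
    return c.likelihood * c.impact


def is_urgent(c: Control) -> bool:
    return risk_score(c) >= URGENT_THRESHOLD or c.regulatory


def prioritize(controls):
    """Descending L×I; ties broken by easiest fix first, then widest blast radius first."""
    return sorted(controls, key=lambda c: (-risk_score(c), -c.feasibility, -c.blast_radius))


# Constructed sample findings mapped to the Quick Assessment checks (not real data).
FINDINGS = [
    Control("Public storage bucket reachable from the internet", 5, 4, 4, 3),
    Control("Root account not protected by phishing-resistant MFA", 3, 5, 5, 5),
    Control("No mTLS between internal services", 4, 4, 2, 4),
    Control("No rate limiting on authentication endpoints", 4, 4, 4, 2),
    Control("Kubernetes namespaces lack default-deny NetworkPolicies", 3, 3, 3, 3),
    Control("CMK rotation overdue", 2, 4, 4, 2, regulatory=True),
]


def remediation_plan(controls=FINDINGS):
    """Return (name, score, urgent) tuples in remediation order."""
    return [(c.name, risk_score(c), is_urgent(c)) for c in prioritize(controls)]


if __name__ == "__main__":
    for name, score, urgent in remediation_plan():
        print(f"{'URGENT' if urgent else '      '} {score:>2}  {name}")
```

Note that the two L×I = 16 findings are ordered by feasibility, and the overdue key rotation lands last by score but is still urgent because of the regulatory flag.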