Product Map

Product map Platforms & Agreements Platform Data Security Profile

Platform Data Security Profile

Record data location, personal information, security controls, and evidence for each platform.

Released June 17, 2026
Explore Nortrue View product overview

Capability overview

Platform governance is not only about who owns a system or when the contract renews. Leaders also need to understand what data the platform handles, where that data lives, what controls are in place, and what evidence supports the assessment.

Platform Data Security Profile gives each platform a dedicated place to record data classification, PII categories, data location, hosting model, business impact, security controls, supporting evidence, and review state.

This helps teams keep security and data context close to the platform record, so risk, renewal, vendor, and governance conversations have better information behind them.

What this helps with

  • Record data security context
  • Track key controls
  • Attach supporting evidence
  • Keep assessments current
  • Support platform governance

Common use cases

  • Assess platform data risk. Record what data a platform handles, including customer data, employee data, financial data, identity data, source code, payment information, AI content, and unknown data.
  • Review security controls. Track whether important controls such as SSO, MFA, SCIM, audit logs, and data export are available or confirmed.
  • Capture evidence. Attach security reports, residency confirmations, vendor documentation, URLs, and other supporting material to the relevant section.
  • Maintain review cadence. Mark assessments as reviewed and track when the next review should happen.

Who it helps

Platform owners

Need a structured way to capture data, control, evidence, and review context for each platform.

Technology leaders

Need visibility of platform data exposure and security posture across the estate.

Security and governance teams

Need evidence-backed platform security context connected to ownership, risk, and agreement records.

How this connects to Nortrue

Platform Data Security Profile adds data and control context to Nortrue’s platform registry.

Security profile information can support platform reviews, vendor agreements, contract documents, evidence management, platform risks, decisions, renewals, and leadership reporting.

Frequently asked questions

What is Platform Data Security Profile used for?

It is used to record data classification, data types, PII categories, data location, hosting model, business impact, security controls, evidence, and review state for a platform.

What security controls can be tracked?

Nortrue can track control status for SSO, MFA, SCIM provisioning, audit logs, and data export.

Can evidence be attached?

Yes. Teams can attach file or URL evidence such as SOC reports, data residency confirmations, security overviews, and supporting documentation.

Can review state be tracked?

Yes. Teams can track last reviewed date, reviewer, next review date, mark an assessment as reviewed, and see recent activity.

Who should use Platform Data Security Profile?

It is useful for platform owners, technology leaders, security teams, governance teams, and anyone reviewing platform data exposure.