From Evidence to Assessment: A 60-Minute MSP Workshop
A reusable ComplianceAide workshop for MSPs: create a workspace, collect evidence, recover skipped files with Eyes, run an assessment, and turn findings into action.
From scattered evidence to an assessment in one working session
A reusable 60-minute workshop for MSP teams: create a customer workspace, load a small evidence packet, recover skipped evidence with Eyes, run a NIST CSF 2.0 assessment, and turn the first gaps into action.
Start in the MSP portal
Create a customer workspace before opening the assessment experience. The scope note matters because it becomes launch context for chat and voice.
- Use a customer-safe, fictional name for public workshops.
- State the framework, business context, evidence types, and how to treat missing evidence.
- For a real customer, name the customer here and avoid ambiguous evidence ownership.
Customer: Asteron Manufacturing (fictional workshop client) Goal: run a NIST CSF 2.0 readiness assessment from a small evidence packet. Include: policies, asset inventory, identity/MFA exports, vulnerability summary, backup status, tickets, and screenshots captured with Eyes when files are skipped. Treat missing evidence as a gap, not as compliance.
This workspace is for a first-pass customer security review. Start by identifying what the uploaded evidence proves, what is missing, and what the MSP should request next. Use NIST CSF 2.0 unless another framework is selected.
If a file is skipped, unsupported, image-only, or easier to show than parse, use Eyes to capture the visible screen as evidence. After capture, ask the assistant to summarize what it saw before running the assessment.
Handle the invite prompt deliberately
After workspace creation, ComplianceAide can send an invite and begin the customer email sequence. In a workshop, usually choose Skip for now so the room stays focused on the live evidence workflow.
- Send invite starts the customer-facing compliance email campaign.
- Copy invite link gives you a link without starting the campaign.
- Skip for now is the clean demo path when the presenter owns the walkthrough.
Use the Guide as the instructor
Once the workspace opens, the Guide is the fastest way to keep people oriented. It exposes the next actions without requiring a product tour.
- Ask the assistant what to do next if the room gets lost.
- Use Guide buttons for assessment, evidence, reports, and policy generation.
- Keep the page open while an assessment runs; partial results can appear before final completion.
Upload evidence from the paperclip
The downloadable evidence pack is intentionally packaged as a ZIP for distribution. For ingestion, extract it first and upload the individual files.
Recover skipped evidence with Eyes
If a CSV, screenshot, dashboard, or legacy export is easier to show than parse, open it on screen and use Eyes.
- Open the skipped file or dashboard on another monitor.
- Click Eyes, click Start, select the screen or window, then share.
- Stop sharing after the capture and wait for the queued count to reach zero.
- Ask: “Using what Eyes just saw, list the assets and tell me what evidence is still missing.”
Ask for a plain-English readout
Before running the assessment, ask the assistant to summarize what it can prove from the uploaded and visual evidence. This gives the room an immediate win while the heavier assessment work is queued.
- Ask for assets, identities, backups, EDR posture, vulnerabilities, and obvious missing evidence.
- Do not over-script the prompt; the point is to show that the product can guide a normal MSP workflow.
- Use the answer to pick the right framework and confirm the assessment scope.
Run NIST CSF 2.0 without making everyone wait
Start the assessment, then immediately move to parallel work. A full assessment can take meaningful time, especially with many controls. Use the partial preview when it appears, and come back to the final result later.
- Choose NIST CSF 2.0 for this workshop unless the customer has a specific framework.
- Open the partial preview as soon as it is available.
- Explain that final scoring should be read after the run completes, not from the first partial rows.
Generate a visual story from the evidence
After the assessment is running, open the security dashboards and generate visuals such as Network Diagram, Asset Inventory Landscape, Identity and Access Map, MFA and Account Protection, and Framework Readiness Map.
- This is the best use of the assessment wait time.
- Ask the room which dashboard would help them explain risk to a customer.
- Use Network Diagram early because it makes asset and dependency evidence concrete.
Create a System Security Plan while the assessment runs
This is the best way to make the workshop feel like a full hour instead of a quick upload demo. After the assessment starts and dashboards are generating, ask ComplianceAide to draft a practical SSP from the same evidence.
- Explain that the SSP is a draft deliverable, not a final audit artifact.
- Ask for system boundary, assets, roles, implemented controls, partial controls, open evidence requests, and next actions.
- Use the answer to show how evidence becomes customer-facing documentation while the assessment continues in the background.
Show the Live Voice Agent
The Live Voice Agent lets users talk through the same workspace workflow instead of typing every prompt. It can explain what to do next, summarize evidence, check assessment status, help draft reports or policies, and talk through dashboard output.
- Use it to make the product feel guided instead of menu-driven.
- It can help with almost everything in this workshop except the actual Eyes screen-share capture step.
- For MSPs, position it as a coach for analysts who do not live in compliance tooling every day.
Explain Connect AI Agent
Connect AI Agent is for handing the workspace to an external AI agent or automation workflow so it can keep working from the same context. This is different from Live Voice: voice is for a human conversation, while Connect AI Agent is for an agent that needs workspace-aware setup.
- Use it when an outside AI tool should inspect the current workspace, fetch assessment status, or continue a scoped task.
- It preserves the idea that the workspace is the source of truth: evidence, assessment state, and handoff notes matter.
- It does not replace Eyes. Visual capture still requires the browser screen-share flow.
60-minute core workshop runbook
Set the frame
Position ComplianceAide as a guided MSP workflow: evidence in, assessment and next actions out.
Create the workspace
Use the MSP portal, paste a scope note, explain the invite modal, and skip the campaign for the live workshop.
Download and extract evidence
Have participants download the Asteron pack, extract it locally, and upload the individual files.
Use Eyes for asset inventory
Open the asset inventory on screen, capture it with Eyes, then ask the assistant to list the assets and missing evidence.
Start NIST CSF 2.0 assessment
Run the assessment and tell the room it can take 15-40 minutes. The next steps are designed to fill that wait time.
Generate dashboards
Use the dashboard gallery to create a Network Diagram or Asset Inventory Landscape while assessment rows process.
Create an SSP draft
Ask for a System Security Plan from the evidence, assessment context, and known gaps.
Show voice and agent handoff
Explain Live Voice Agent for guided conversation and Connect AI Agent for external AI handoff from the same workspace.
Close with next actions
Review top gaps, evidence requests, owner/date tracking, and what the MSP would do in the next customer meeting.
Presenter close
“The goal is not to prove perfect compliance in one hour. The goal is to turn a messy starting packet into a defensible map: what evidence exists, what is missing, what risk is visible, and what the MSP should ask for next.”