diff --git a/HIPAA_Access_Control_Policy.docx b/HIPAA_Access_Control_Policy.docx new file mode 100644 index 0000000..a4b0206 Binary files /dev/null and b/HIPAA_Access_Control_Policy.docx differ diff --git a/HIPAA_Audit_Report.docx b/HIPAA_Audit_Report.docx new file mode 100644 index 0000000..b2425e2 Binary files /dev/null and b/HIPAA_Audit_Report.docx differ diff --git a/HIPAA_Checklist.xlsx b/HIPAA_Checklist.xlsx new file mode 100644 index 0000000..2c94014 Binary files /dev/null and b/HIPAA_Checklist.xlsx differ diff --git a/HIPAA_Risk_Assessment_Template.docx b/HIPAA_Risk_Assessment_Template.docx new file mode 100644 index 0000000..742ef76 Binary files /dev/null and b/HIPAA_Risk_Assessment_Template.docx differ diff --git a/README.md b/README.md index 77e0ca5..2ff43ae 100644 --- a/README.md +++ b/README.md 
@@ -1,2 +1,30 @@ -# HIPAA-Compliance-Audit-Report -This audit assesses the organization's compliance with HIPAA Security Rule requirements related to ePHI (electronic Protected Health Information). The assessment identified 3 critical, 4 moderate, and 5 low-risk issues that require remediation. + +# HIPAA Compliance Audit Portfolio + +This repository contains a complete simulated HIPAA compliance audit package, ideal for demonstrating cybersecurity audit and governance skills. The materials are intended for portfolio use or educational demonstrations. + +## 📁 Contents + +### 1. HIPAA_Audit_Report.docx +A detailed internal HIPAA audit report for a simulated healthcare organization. Includes scope, methodology, findings, and remediation recommendations. + +### 2. HIPAA_Checklist.xlsx +An editable compliance checklist aligned with HIPAA Security Rule controls (§164.308, §164.310, §164.312). Tracks compliance status and evidence. + +### 3. HIPAA_Risk_Assessment_Template.docx +A structured template for conducting a HIPAA risk assessment. Includes space to document assets, threats, vulnerabilities, and recommendations. + +### 4. HIPAA_Access_Control_Policy.docx +A sample access control policy enforcing unique logins, session timeouts, and access revocation procedures for ePHI protection. + +## 📌 Use Cases +- Compliance audit portfolio +- Cybersecurity training simulations +- Governance, Risk & Compliance (GRC) demonstrations + +## 👤 Author +Dickson Marienga +CISA | CISM | HIPAA Certified | CCNA CyberOps | Security & Compliance Specialist + +--- +© 2025 | For educational and portfolio use only
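Review bot: The four new Office files (HIPAA_Access_Control_Policy.docx, HIPAA_Audit_Report.docx, HIPAA_Checklist.xlsx, HIPAA_Risk_Assessment_Template.docx) are committed as binary blobs, so their content cannot be reviewed in this diff and later edits to them will be opaque too. Consider committing a Markdown or CSV export alongside each one. Also confirm that document properties, tracked changes and comments were cleared before the commit, since .docx and .xlsx files retain that metadata.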
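Review bot: The README.md hunk is missing a findings summary in the rewritten intro: the removed line gave the result (3 critical, 4 moderate, 5 low-risk issues) and nothing in the added text replaces it, so a reader has to open HIPAA_Audit_Report.docx to learn the outcome. Consider keeping those counts under the "1. HIPAA_Audit_Report.docx" entry. In the HIPAA_Checklist.xlsx entry, the cited sections (§164.308, §164.310, §164.312) are the administrative, physical and technical safeguards; state whether §164.314 and §164.316 are intentionally out of scope. In the Author section, the name line and the credentials line are consecutive with no blank line between them, so Markdown will render them as one run-on paragraph; separate them with a blank line or a list.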