Skip to content

About CIS-Hosted CSAT

Introduction

CIS-Hosted CSAT is a free web application that enables organizations to assess, track, and prioritize their implementation of the CIS Critical Security Controls (CIS Controls). This tool was developed by our partners at EthicalHat.

Self-Assessments CIS Controls

The CIS Controls are a community-built set of prioritized cybersecurity guidance. They are being used and developed by thousands of cybersecurity experts around the world. For each CIS Control and Sub-Control, CIS-Hosted CSAT helps organizations track its documentation, implementation, automation, and reporting.

Cybersecurity is a Team Effort

CIS-Hosted CSAT enables teams to work together to answer questions related to the CIS Controls. Here are some of the ways CIS-Hosted CSAT allows you to collaborate with your team members:

  • Delegate questions to team members
  • Set deadlines for each CIS Control and Sub-Control
  • Upload evidence related to your findings
  • Capture team discussion about each assessment question

Reporting you can use

Data is most useful when the relevant parties can access it. That is why users can share assessment data in the form of downloadable reports. CIS-Hosted CSAT offers automatic reporting features, historical tracking, and access to raw data formats. Users can export assessment charts and other results directly into PowerPoint, Excel, and PDF.

Assessment results from CIS-Hosted CSAT can be exported per department or organizational unit, or you can take a more holistic view of the entire organization’s security. With cross-mappings to additional security frameworks like NIST SP800-53 and PCI DSS, you can also track your alignment between other best practices and the CIS Controls. CIS-Hosted CSAT, along with its on-premises counterpart (CIS CSAT Pro), also allows you to anonymously compare your results to the average of your industry or other peer groups to help drive the direction of your security program.