Assessment
Submission
AI Processing
& Analysis
Key Controls
Review
4
Final
Results

Key Controls Review

Test DATA - Review and manage critical security controls

Search & Add Controls
AI-powered search finds controls based on meaning and context
AI Search Results

Found semantically similar controls

0 results

Current Key Controls

3 Total
Scoping Question 1

Will the entity’s personnel require specialized clearances or certifications? Determines if staff need background checks, professional licenses, or industry certifications before starting work. Delays onboarding if certifications lapse; compliance risk if unauthorised staff perform regulated tasks. Credential-verification process Expiration-tracking of certifications Backup resource plan for lapsed clearances

1 Controls
CIS 5.1 Found
Establish and Maintain an Inventory of Accounts

Establish and maintain an inventory of all accounts managed in the enterprise. The inventory must at a minimum include user, administrator accounts, and service accounts. The inventory, at a minimum, ...

Auto-Generated Generated during job processing
1. This control addresses the scoping question by ensuring that only authorized personnel with the required clearances or certifications have active accounts, enabling verification of staff eligibility before granting access. 2. It is important for c...
Scoping Question 2

Will the entity have physical access to the entity’s managed devices (e.g., laptops, smartphones, tablets)? Determines if the entity’s personnel will handle or use corporate-owned endpoints, which may store sensitive data. Direct device access can lead to data leakage, malware introduction, or unauthorised configuration changes. Device inventory and tracking Endpoint security policies (e.g., MDM enforcement) Access logging and tamper-evident seals

1 Controls
CIS 4.11 Found
Enforce Remote Wipe Capability on Portable End-User Devices

Remotely wipe enterprise data from enterprise-owned portable end-user devices when deemed appropriate such as lost or stolen devices, or when an individual no longer supports the enterprise.

Auto-Generated Generated during job processing
Control 4.11 is relevant to the scoping question because it ensures that if personnel have physical access to managed devices, the organization can remotely remove sensitive data in the event of loss, theft, or personnel changes. This control is impo...
Scoping Question 3

Does the entity use proprietary or third-party technology that must be licensed separately? Flags dependencies on paid tools, platforms, or IP that add cost or complicate your management landscape. Creates unexpected cost, version-mismatch risk, and additional vendor-management overhead. License-management tracking and renewal reminders Proof-of-license audits Evaluation of alternative open-source options

1 Controls
CIS 2.1 Found
Establish and Maintain a Software Inventory

Establish and maintain a detailed inventory of all licensed software installed on enterprise assets. The software inventory must document the title, publisher, initial install/use date, and business p...

Auto-Generated Generated during job processing
Control 2.1 is directly relevant to the scoping question because maintaining a detailed software inventory enables the entity to identify all proprietary and third-party technologies in use, including those requiring separate licenses. This control i...
Processing...

Please wait while we process your request