Does our membership allow us to use the CIS controls in our work as consultants.

Product Name

CIS Controls®

Version

All

Date

Dec 16, 2020

Am I allowed to add my clients to my CSAT account as Secondary Organizations in order to help them assess and oversee their cybersecurity maturity and its advancement?

Solution

Yes, CIS offers two tools which allow you to verify your organizations Cyber Security implementations against the CIS Controls!

CIS-Hosted CSAT (On-line) is a free version of our tool and as such it has more limited capabilities. You will not be able to create a number of sub organizations and have yourself as both an overarching admin to all sub-organizations as well as assigning individual sub-organization Admins.
CIS-CSAT Pro is The “on-premises” version of CIS-CSAT is available exclusively for CIS SecureSuite® Members. By using the Pro version of CIS-CSAT you can create sub-organizations, assign Admins, compile consulting data, and much much more. This version offers additional features and benefits such as:
- Saving time by using a simplified scoring method with a reduced number of questions
- Deciding whether to opt in to share data and see how scores compare to industry average
- Allowing for greater flexibility with organization trees for tracking organizations, sub-organizations, and assessments
- Assigning users to different roles for different organizations/sub-organizations as well as greater separation of administrative and non-administrative roles
- Tracking multiple concurrent assessments in the same organization

Here is a blog post with more information regarding the new CIS-CSAT Pro

Keywords; csat pro hosted controls

Center for Internet Security®

Privacy Policy