Secure Your Configuration

	The only consensus-based, best-practice security configuration guides
	Developed through a collaborative process, leveraging the expertise of IT security professionals from around the world
	Trusted and recognized by businesses, industry leaders, government entities, and academia

Protect Your Organization

	Prioritized and prescriptive path defining how to achieve cybersecurity
	Developed by a community of cybersecurity experts
	Mapped to multiple legal, regulatory, and policy frameworks, simplifying cybersecurity compliance

Assess and Remediate at Scale

	Access multiple cybersecurity resources including CIS-CAT® Pro, CIS CSAT Pro, and more
	Customize CIS Benchmarks and tailor security recommendations to your organization’s needs
	Receive enhanced cybersecurity support from CIS experts

Support for U.S. Government Organizations

	MS-ISAC is the key resource for cyber threat prevention, protection, response, and recovery for all SLTT government entities. It is a voluntary and collaborative effort based on a strong partnership between CIS, SLTT government organizations, and the U.S. Department of Homeland Security (DHS).
	EI-ISAC supports the cybersecurity needs of the election community with resources, guidance, training, and tools tailored for the unique nature of election security.

Select Mappings

Select the mappings you would like to apply to the Controls list. The list will be filtered based on your selection and can be further refined by selecting sub-groups from the mappings on the main page.

HELP

The following page shows a list of CIS Safeguards that can be filtered by Implementation Groups (IGs) and other security frameworks and exported to a csv file for your reference. This is a great resource if your business requires adherence to certain security frameworks like MITRE ATT&CK and ISO 27001 but you wish to use CIS's automated tools like CSAT or CIS-CAT.

Note that all Safeguards within IG 1 are also a part of IG 2 and IG 3. All Safeguards within IG 2 are also within IG 3.

FILTERING

To filter by Implementation Group, click the IG number at the top of the table. The table will filter automatically.

Click "Add" above the Mapping section to filter by specific frameworks. Select one or more mappings from the dialog box and hit "Apply Mappings". All subsections of the mappings will be automatically applied and the table will filter to only those Safeguards that are mapped to one or more of the selected frameworks. Subsections of the mappings can be added or removed in the associated section under "Mappings" by clicking anywhere on the framework's box.

CHANGING INCLUDED SAFEGUARDS

Additional Safeguards can be added to or removed from filtered results. To show all Safeguards, click "Show Unchecked Safeguards", then select those you'd like to include. To remove, deselect the checkboxes of those you wish to remove, then hit "Hide Unchecked Safeguards". This is useful if you wish to export customized information - only selected Safeguards will be exported, along with any relevant IG and mapped framework information.

Filters for Mappings and Implementation Groups can be applied concurrently. Clicking "Reset Filters" will reset the page back to its starting state.

Click here to download a copy of the CIS Safeguards and learn more about Implementation Groups.