CorpInfoTech Receives First CIS Controls Accreditation

EAST GREENBUSH, N.Y. and CHARLOTTE, N.C., Nov. 14, 2023 – The Center for Internet Security Inc., (CIS®) today announced that Corporate Information Technologies (CorpInfoTech) is the first organization to receive CIS Controls Accreditation under a joint program announced in June with CREST, an international not-for-profit accreditation and certification body.

CIS Controls Accreditation is an exclusive opportunity for vendor and consulting companies that are CIS SecureSuite Members to achieve recognition that their services are certified by the globally recognized CIS Controls and CREST. Every organization that achieves the Controls Accreditation is externally assessed in accordance with rigorous criteria defined by two renowned authorities in cybersecurity.

CorpInfoTech, the first company to achieve this recognition, provides small to mid-market organizations with expert IT services including compliance assessment, cybersecurity penetration tests, and comprehensive business continuity planning services. In 2008, CorpInfoTech aligned its information security risk management practices and technical systems configuration baselines to the CIS Critical Security Controls (CIS Controls).

“With this accreditation, CorpInfoTech is pleased to deepen its relationship and alignment with CIS and the Controls program as a whole. The recognition by CREST solidifies CorpInfoTech's leadership in the space, providing one of the most robust, valuable, and widely applicable risk-informed assessment work products in the industry,” said Lawrence Cruciana, President, CorpInfoTech. “Together, this partnership will further allow CIS and CorpInfoTech to continue innovation and deliver one of the most consistent risk-informed security assessment products available anywhere by organizations of all sizes and complexities.”

The CIS Controls are a set of globally-recognized and widely-used best practices that provide a prioritized path to improve an enterprise’s cybersecurity posture. CorpInfoTech’s accreditation marks the first initiative pairing the CIS Controls with a program to deliver accredited consulting.

“CIS has had a longstanding relationship with CorpInfoTech, so it’s quite fitting that they are our first CIS Controls accredited member,” said Phyllis Lee, CIS Vice President of Security Best Practices Content Development. “It’s nice to finally kick this program off and we look forward to welcoming more accredited members in the future.

Learn more about CIS Controls Accreditation here.

For media inquiries, please contact CIS Media Relations Manager Kelly Wyland at [email protected] or 518-256-6978.



About CIS:

The Center for Internet Security, Inc. (CIS®) makes the connected world a safer place for people, businesses, and governments through our core competencies of collaboration and innovation. We are a community-driven nonprofit, responsible for the CIS Critical Security Controls® and CIS Benchmarks, globally recognized best practices for securing IT systems and data. We lead a global community of IT professionals to continuously evolve these standards and provide products and services to proactively safeguard against emerging threats. Our CIS Hardened Images® provide secure, on-demand, scalable computing environments in the cloud. CIS is home to the Multi-State Information Sharing and Analysis Center® (MS-ISAC®), the trusted resource for cyber threat prevention, protection, response, and recovery for U.S. State, Local, Tribal, and Territorial government entities, and the Elections Infrastructure Information Sharing and Analysis Center® (EI-ISAC®), which supports the rapidly changing cybersecurity needs of U.S. election offices. To learn more, visit or follow us on X: @CISecurity.

About CorpInfoTech:

Founded in 1997, CorpInfoTech provides best-in-class engineered IT solutions, information risk assessment, and tailored managed technology support to modern commercial and government clients. We help organizations identify, quantify, mitigate, and operationally manage technology-centric operational risks throughout the entire Information Ecosystem.

CorpInfoTech’s experienced team of professional technologists have deep industry relationships with over 25 years’ experience, delivering services using its 100% U.S. based, directly employed personnel.

CorpInfoTech is here to serve growing organizations through best-in-class managed security, managed technology services, and cyber risk assessment, easing compliance requirements, risk mitigation, and ongoing management of technology systems of risk-aware small and mid-market organizations.