CIS Controls® Companion Guides

 

What's changed?

Cybersecurity is an evolving industry with an endless list of threat actors. The tools we use to stay safe and secure must be updated to match the current threat landscape. Find out how CIS Controls V7.1 was updated from version 7.
Download CIS Controls Version 7.1 Change Log

Assess your risk with CIS RAM

CIS Risk Assessment Method is a free information security risk assessment method that helps organizations implement and assess their security posture against the CIS Controls™ cybersecurity best practices. CIS RAM provides instructions, examples, templates, and exercises for conducting a cyber risk assessment.
Download CIS RAM (read FAQs)

Look at measures and metrics

Want to see how well your organization is implementing the CIS Controls?
Download CIS Controls V7 Measures & Metrics

Learn how the CIS Controls V7.1 break into Implementation Groups

Discover the CIS Sub-Controls in Implementation Groups that help organizations of different classes focus their security resources.
Download CIS Controls Version 7.1 Implementation Groups

Learn how CIS Controls V7.1 Maps to NIST CSF

This mapping document demonstrates connections between NIST Cybersecurity Framework (CSF) and the CIS Controls Version 7.1.
Download Mapping to NIST CSF

Security and Privacy Controls for Federal Information Systems and Organizations

This document provides a detailed mapping of the relationships between the CIS Controls and NIST SP 800-53 R4.
Download Mapping to NIST SP 800-53 R4

Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations

This document provides a detailed mapping of the relationships between the CIS Controls and NIST SP 171 R2.
Download Mapping to NIST NIST SP 171 R2

If you're a Small or Medium-Sized Enterprise (SME), download the SME guide

This guide seeks to empower the owners of small and medium-sized enterprises (SMEs) to help them protect their businesses with a small number of high priority actions based on the CIS Controls - a comprehensive set of cybersecurity best practices developed by IT experts that address the most common threats and vulnerabilities.
Download SME Guide

Working in an Industrial Controls System Environment? Download the ICS Guide

On this document, we provide guidance on how to apply the security best practices found in CIS Controls Version 7 to ICS environments. For each top-level CIS Control, there is a brief discussion of how to interpret and apply the CIS Control in such environments, along with any unique considerations or differences from common IT environments.
Download ICS Guide

Looking to secure a cloud environment? Download the CIS Controls Cloud Companion Guide

In this document, we provide guidance on how to apply the security best practices found in CIS Controls Version 7 to any cloud environment from the consumer/customer perspective. For each top-level CIS Control, there is a brief discussion of how to interpret and apply the CIS Control in such environments, along with any unique considerations or differences from common IT environments.
Download Cloud Companion Guide

Looking to secure a mobile device? Download the CIS Controls Mobile Companion Guide

In this document, we provide guidance on how to apply the security best practices found in CIS Controls V7 to mobile environments. Organizations will be able to break down and map the applicable CIS Controls and their implementation in mobile environments. Download Mobile Companion Guide. Track your progress with a downloadable spreadsheet.
Download Mobile Companion Guide. Track your progress with a downloadable spreadsheet.

Discover how to secure your IoT devices. Download the CIS Controls Internet of Things Companion Guide

In this document, we provide guidance on how to apply the security best practices found in CIS Controls Version 7.1 to IoT environments.
Download Internet of Things Companion Guide. Track your progress with a downloadable spreadsheet

Secure your Microsoft Windows 10 Environment. Download the CIS Controls Microsoft Windows 10 Cyber Hygiene Guide

In this document, we offer practical guidance on cyber hygiene for Windows 10 users.
Download Microsoft Windows 10 Companion Guide