All frameworks
Center for Internet Security

CIS Controls IG1 — essential cyber hygiene

The Implementation Group 1 subset — 56 foundational safeguards every small and mid-sized organization should meet, tracked continuously.

Get started See coverage
CIS IG1 · safeguards 44 / 56
1.1Asset inventoryPASS
4.1Secure configuration processPARTIAL
5.1Account inventoryPASS
6.1Access granting processPASS
7.1Vulnerability mgmt processPARTIAL
8.1Audit log managementFAIL
CIS Controls is one of ten frameworks mapped from a single scan
SOC 2
HIPAA
PCI DSS v4
NIST CSF 2.0
CMMC
ISO 27001
CIS v8
FTC Safeguards
Cyber Essentials
CIS Controls
Coverage

How SBCMSP maps CIS Controls

Continuous monitoring across every control family — 56 safeguards, scored on each scan.

Inventory

Know your hardware and software.

Configuration

Establish and maintain secure baselines.

Accounts & access

Manage accounts and access grants.

Vulnerability mgmt

Find and remediate known issues.

Logging

Collect and retain audit logs.

Evidence & reporting

Auto-collected evidence and a white-label, audit-ready PDF for every control.

Who it’s for Small and mid-sized organizations starting their security program.
Continuous, not point-in-time

Audit-ready all year — not just at renewal

Instead of a frantic evidence scramble before the audit, SBCMSP monitors each CIS Controls control continuously and flags drift the moment it happens.

  • Control-level pass / partial / fail status
  • Auto-collected, timestamped evidence
  • Gap remediation guidance per control
  • White-label report for the client & auditor
readiness · acme-corp79%
79
Controls passing44 / 56
Evidence collected94%
Open gaps3

Get your clients CIS Controls-ready faster

Run a readiness assessment in minutes and see exactly which controls need work.