Center for Internet Security (CIS)

CIS Controls is a prioritized set of security best practices created by the Center for Internet Security to stop the most pervasive and dangerous security threats. If you looking to start preparing your organization for obtaining an annual SOC 2 report, start here!

What’s included?

  • Security Assessment containing questions benchmarked against CIS Controls
  • Risk Assessment for Environmental, Human, IT, and Business Risks
  • Compliance Calendar and Real-Time Dashboards
  • Policies, plans, and procedures for CIS Controls
  • Incident Response Management and Reporting
  • Acknowledgement Tracking for Policies, Acceptable Use, Employee Handbooks, and more
  • Business Continuity Strategy, Plan, Testing, and Reporting Templates
  • Vendor Due Diligence Procedure, Automated Risk Ranking, Assessments, and Reporting
  • Security Awareness: Annual, New Hire, Functional/Role-Based Training and Reporting
  • Automated Weekly Status Reports and On-Demand Complete Assessment Reports

Click here to access the ASCENT CIS Controls Resource Guide that contains detailed information specifically for this framework of controls.

Click here

Get Your CIS Controls Documentation Checklist Here!

Click here


ASCENT Portal will help you address any control framework with real time, automated ease.

Frameworks Summary