CISO Assistant

© intuitem, 2018-2024

General tips

CISO Assistant is intended to be a multi-paradigm tool that suits everyone's background and approach to cyber security program organisation.

That said, if you are just starting, here are some standard recommendations to get the most out of it:

  1. Map your organisation to the domains/perimeters (or create basic ones)

  2. Add your users and assign them to the groups (SSO and MFA available even in Community)

  3. (recommended) Identify the assets to protect

  4. (recommended) Enumerate your existing capabilities/controls

  5. Define your baseline and focus on the basics - pick your controls and/or create new ones

  6. Get your actions implemented and reflect that on your audit progress

  7. Conduct a contextual risk assessment

  8. Share the insights with your organisation, review the priorities, and keep it alive

  9. Expand your coverage: periodic tasks, incidents, TPRM, findings management, etc.

  10. Always keep the focus on the actions and reflect their data in the other concepts
