General tips

CISO Assistant is intended to be a multi-paradigm tool to suit everyone's background and approch to cyber security program organisation.

With that being said here are some standard recommendations to get the most of it, if you are just starting:

Map your organisation to the domains/perimeters (or create basic ones)
Add your users and assign them to the groups (SSO and MFA available even in Community)
(recommended) Identify what are the assets to protect
(recommended) Enumerate your existing capabilities/controls
Define your baseline and focus on the basics - pick your controls and/or create new ones
Get your actions implemented and reflect that on your audit progress
Conduct a contextual risk assessment
Share the insights with your organisation, review the priorities, and keep it alive
Expand your coverage: periodic tasks, incidents, TPRM, findings managements, etc.
Always keep focus on the actions and reflect their data on the other concepts

Last updated 1 month ago

Was this helpful?

CISO Assistant is intended to be a multi-paradigm tool to suit everyone's background and approch to cyber security program organisation.

With that being said here are some standard recommendations to get the most of it, if you are just starting:

Map your organisation to the domains/perimeters (or create basic ones)
Add your users and assign them to the groups (SSO and MFA available even in Community)
(recommended) Identify what are the assets to protect
(recommended) Enumerate your existing capabilities/controls
Define your baseline and focus on the basics - pick your controls and/or create new ones
Get your actions implemented and reflect that on your audit progress
Conduct a contextual risk assessment
Share the insights with your organisation, review the priorities, and keep it alive
Expand your coverage: periodic tasks, incidents, TPRM, findings managements, etc.
Always keep focus on the actions and reflect their data on the other concepts

Last updated 1 month ago

Was this helpful?