CIS Controls v8
Practice: Cybersecurity · Type: Standard
The CIS Controls v8 are a prioritised set of 18 safeguards published by the Center for Internet Security, grouped into Implementation Groups (IG1–IG3) by organisational risk and capability.
Benefits
- Scored on CIS Controls v8's own scale — not a generic rubric.
- Every score is traceable to the client's own evidence for each safeguard.
- Highest-impact gaps ranked first, aligned to the relevant Implementation Group.
- A board-ready slide deck and a detailed report generated automatically.
- Re-runnable to show safeguard coverage improving over time.
When to use it
- To benchmark a security programme against a prioritised, practical control set.
- When a client needs to know which safeguards matter most for their risk and capability.
- To choose and validate the right Implementation Group (IG1–IG3).
- To measure improvement after closing safeguard gaps.
What it assesses
Celeredge benchmarks the client against the 18 CIS Controls and the relevant Implementation Group, evidences which safeguards are in place, and ranks the highest-impact gaps. It covers:
- The 18 CIS Controls and their safeguards
- The applicable Implementation Group (IG1–IG3)
- Which safeguards are in place versus missing
Expected output
Celeredge produces per-control maturity scores on the CIS Controls v8 scale. Each answer carries a confidence signal and citations back to the client's evidence, and gaps are ranked by severity. The run generates a board-ready slide deck and a detailed HTML report. See Maturity Scoring, Reports and Deck Studio.
How to use it in Celeredge
- Collect the client's evidence — control and configuration records — see Evidence Collection.
- In Diagnose, select CIS Controls v8.
- Run the assessment and watch it stream — see Running Assessments.
- Review per-control answers with their confidence and citations, then accept the ones you trust.
- Send gaps to Plan — see Gap Analysis.
FAQ
What is CIS Controls v8?
Published by the Center for Internet Security, CIS Controls v8 is a prioritised set of 18 safeguards. To match effort to an organisation's risk and capability, the controls are grouped into three Implementation Groups, IG1 through IG3.
What does a Celeredge CIS Controls v8 assessment deliver?
An evidence-based maturity assessment scored on the framework's own scale, with gaps ranked by severity and an auto-generated, board-ready slide deck and detailed report — every score traceable to the evidence behind it.
How does the assessment work?
Clients upload their own evidence — policies, reports and data. An AI interviewer asks targeted follow-ups to fill anything missing, the platform scores against the framework, ranks the gaps, and generates the deliverables.
Celeredge runs an independent readiness and alignment review against this framework. It is not a certification audit and is not endorsed by the standard's owner. Framework and standard names are trademarks of their respective owners.