Security Controls reduce the likelihood of and discover threats to system and information assets, as well as eliminating vulnerabilities and decreasing the impact of exploited exposures.

Control Catalogues

The Control Catalogues may be derived from industry standards or business specific, all of which may be cross referenced to allow standard compliance traceability between catalogues.

Cybersecurity Frameworks

Each Cybersecurity Framework provides a holistic view across one or more Control Catalogues, categorising the controls into logical groups.

Maturity Models

The mapping between Control Objectives and their associated level of maturity supports quantitative
point-in-time assessments and target state planning.