people sitting on chair in front of computer monitor

CIS 18 Controls Assessment

Assess. Strengthen. Secure with Confidence.

At AABGM Inc., we help organizations evaluate and align their security programs with the CIS Critical Security Controls Version 8. Our CIS 18 Controls Assessment delivers a comprehensive review of your current environment, identifies gaps, and provides a clear roadmap for improved cybersecurity maturity.

black iphone 5 beside brown framed eyeglasses and black iphone 5 c
black iphone 5 beside brown framed eyeglasses and black iphone 5 c

Our assessment is structured around the three implementation groups defined by the Center for Internet Security, customized to your organization's size and risk profile.

  • Inventory of hardware and software assets

  • Secure configuration for servers, endpoints, and cloud environments

  • Identity and access management

  • Vulnerability management practices

  • Malware defenses and antivirus controls

  • Audit log collection and monitoring

  • Email and web browser protections

  • Backup and recovery controls

  • Incident response planning and testing

  • Application software security

  • Data protection and encryption standards

  • Account monitoring and behavioral analytics

  • Awareness training and secure workforce behaviors

  • Implementation Group mapping (IG1, IG2, IG3)

  • Gap scoring and maturity tracking

What We Assess in CIS 18

engineering drawing
engineering drawing

The CIS Controls are globally recognized as a practical, prioritized cybersecurity framework.
Whether you're preparing for insurance reviews, vendor audits, or compliance programs like HIPAA, NY SHIELD, or NIST, aligning with CIS gives your organization a solid foundation.

Security issues we commonly identify:


✔ Lack of asset inventory or documentation
✔ Poor patch and vulnerability management
✔ Weak access controls or privilege creep
✔ Inadequate monitoring or logging
✔ Missing response plans or backup strategies

Why CIS 18 Controls Matter

text
text

Step 1: Discovery Session
We learn about your infrastructure, goals, and implementation group level.

Step 2: Control-by-Control Assessment
We evaluate your current controls using interviews, technical reviews, and policy analysis.

Step 3: Gap Analysis and Scoring
We measure your environment against the CIS framework and assign maturity ratings.

Step 4: Risk Prioritization
We map weaknesses to potential risk impact and provide remediation priorities.

Step 5: Roadmap and Reporting
We deliver a detailed action plan aligned with your business objectives and compliance needs.

Our CIS Assessment Process

Business partners shake hands, making a deal.
Business partners shake hands, making a deal.
  • New York-based with over 12 years of cybersecurity and compliance experience

  • Supporting both small healthcare companies and large enterprise environments

  • Assessments performed by certified professionals including CISSP, CISA, CISM, CRISC, CCISO, and PMP

  • Deep understanding of CIS, NIST, HIPAA, and NY SHIELD frameworks

  • Reports designed for both technical and executive audiences

Why Choose AABGM Inc.

Our Training Partners

Our Technology Partners

gray computer monitor

Get Started Today!

Let AABGM help you align with CIS 18 Controls and strengthen your entire security program.