The CIS RAM Helps You Apply the Right Amount of Security
CIS RAM Learn More
Balance Security, Compliance, & Business Goals with Reasonable Safeguards. Establish your acceptable risk.
CIS (Center for Internet Security) and HALOCK Security Labs have co-developed the CIS Risk Assessment Method (RAM) to help organizations justify investments for "reasonable" implementation of the CIS Controls.
CIS RAM is an information security risk assessment method that helps organizations design and evaluate their implementation of the CIS Controls. CIS RAM provides instructions, examples, templates, and exercises for conducting risk assessments. And because CIS RAM is based on the Duty of Care Risk Analysis (DoCRA) Standard, its risk assessments meet the requirements of established information security risk assessment standards and demonstrate whether safeguards are “reasonable” and “appropriate” as regulators and judges often require.
Here are some helpful tools and resources to start your journey to build a balanced risk strategy.
We use cookies to ensure that we give you the best experience on our website. If you continue to use this site we will assume that you are happy with it.