CISO Assistant — One-stop GRC Platform for Risk Management, AppSec

Published On: March 29, 2026
CISO Assistant

CISO Assistant offers a fresh perspective on Cybersecurity Management and GRC (Governance, Risk, and Compliance) practices:

  • Designed as a central hub to connect multiple cybersecurity concepts with smart linking between objects,
  • Built as a multi-paradigm tool that adapts to different backgrounds, methodologies, and expectations,
  • Explicitly decouples compliance from cybersecurity controls, enabling reusability across the platform,
  • Promotes reusability and interlinking instead of redundant work,
  • Developed with an API-first approach to support both UI interaction and external automation,
  • Comes packed with a wide range of built-in standards, security controls, and threat libraries,
  • Offers an open format to customize and reuse your own objects and frameworks,
  • Includes built-in risk assessment and remediation tracking workflows,
  • Supports custom frameworks via a simple syntax and flexible tooling,
  • Provides rich import/export capabilities across various channels and formats (UI, CLI, Kafka, reports, etc.).

Features

Upcoming features are listed on the roadmap.

CISO Assistant is developed and maintained by Intuitem, a company specializing in Cybersecurity, Cloud, and Data/AI.

Core Concepts

Here’s an extract of some of the building blocks in CISO Assistant to illustrate the decoupling concept that encourages reusability:

System architecture

Supported frameworks 

ISO 27001:2013 & 27001:2022 🌐

  1. NIST Cyber Security Framework (CSF) v1.1 🇺🇸
  2. NIST Cyber Security Framework (CSF) v2.0 🇺🇸
  3. NIS2 🇪🇺
  4. SOC2 🇺🇸
  5. PCI DSS 4.0.1 💳
  6. CMMC v2 🇺🇸
  7. PSPF 🇦🇺
  8. General Data Protection Regulation (GDPR): Full text and checklist from GDPR.EU 🇪🇺
  9. Essential Eight 🇦🇺
  10. NYDFS 500 with 2023-11 amendments 🇺🇸
  11. DORA (Act, RTS, ITS and GL) 🇪🇺
  12. NIST AI Risk Management Framework 🇺🇸🤖
  13. NIST SP 800-53 rev5 🇺🇸
  14. France LPM/OIV rules 🇫🇷
  15. CCB CyberFundamentals Framework 🇧🇪
  16. NIST SP-800-66 (HIPAA) 🏥
  17. HDS/HDH 🇫🇷
  18. OWASP Application Security Verification Standard (ASVS) 4 🐝🖥️
  19. RGS v2.0 🇫🇷
  20. AirCyber ✈️🌐
  21. Cyber Resilience Act (CRA) 🇪🇺
  22. TIBER-EU 🇪🇺
  23. NIST Privacy Framework 🇺🇸
  24. TISAX (VDA ISA) v5.1 and v6.0 🚘
  25. ANSSI hygiene guide 🇫🇷
  26. Essential Cybersecurity Controls (ECC) 🇸🇦
  27. CIS Controls v8* 🌐
  28. CSA CCM (Cloud Controls Matrix)* ☁️
  29. FADP (Federal Act on Data Protection) 🇨🇭
  30. NIST SP 800-171 rev2 (2021) 🇺🇸
  31. ANSSI : recommandations de sécurité pour un système d’IA générative 🇫🇷🤖
  32. NIST SP 800-218: Secure Software Development Framework (SSDF) 🖥️
  33. GSA FedRAMP rev5 ☁️🇺🇸
  34. Cadre Conformité Cyber France (3CF) v1 (2021) ✈️🇫🇷
  35. ANSSI : SecNumCloud ☁️🇫🇷
  36. Cadre Conformité Cyber France (3CF) v2 (2024) ✈️🇫🇷
  37. ANSSI : outil d’autoévaluation de gestion de crise cyber 💥🇫🇷
  38. BSI: IT-Grundschutz-Kompendium 🇩🇪
  39. NIST SP 800-171 rev3 (2024) 🇺🇸
  40. ENISA: 5G Security Controls Matrix 🇪🇺
  41. OWASP Mobile Application Security Verification Standard (MASVS) 🐝📱
  42. Agile Security Framework (ASF) – baseline – by intuitem 🤗
  43. ISO 27001:2013 🌐 (For legacy and migration)
  44. EU AI Act 🇪🇺🤖
  45. FBI CJIS 🇺🇸👮
  46. Operational Technology Cybersecurity Controls (OTCC) 🇸🇦
  47. Secure Controls Framework (SCF) 🇺🇸🌐
  48. NCSC Cyber Assessment Framework (CAF) 🇬🇧
  49. California Consumer Privacy Act (CCPA) 🇺🇸
  50. California Consumer Privacy Act Regulations 🇺🇸
  51. NCSC Cyber Essentials 🇬🇧
  52. Directive Nationale de la Sécurité des Systèmes d’Information (DNSSI) Maroc 🇲🇦
  53. Part-IS ✈️🇪🇺
  54. ENS Esquema Nacional de seguridad 🇪🇸
  55. Korea ISA ISMS-P 🇰🇷
  56. Swiss ICT minimum standard 🇨🇭
  57. Adobe Common Controls Framework (CCF) v5 🌐
  58. BSI Cloud Computing Compliance Criteria Catalogue (C5) 🇩🇪
  59. Référentiel d’Audit de la Sécurité des Systèmes d’Information, ANCS Tunisie 🇹🇳
  60. ECB Cyber resilience oversight expectations for financial market infrastructures 🇪🇺
  61. Mindeststandard-des-BSI-zur-Nutzung-externer-Cloud-Dienste (Version 2.1) 🇩🇪
  62. Formulaire d’évaluation de la maturité – niveau fondamental (DGA) 🇫🇷
  63. NIS2 technical and methodological requirements 2024/2690 🇪🇺
  64. Saudi Arabian Monetary Authority (SAMA) Cybersecurity Framework 🇸🇦
  65. Guide de sécurité des données (CNIL) 🇫🇷
  66. International Traffic in Arms Regulations (ITAR) 🇺🇸
  67. Federal Trade Commission (FTC) Standards for Safeguarding Customer Information 🇺🇸
  68. OWASP’s checklist for LLM governance and security 🌐
  69. Recommandations pour les architectures des systèmes d’information sensibles ou à diffusion restreinte (ANSSI) 🇫🇷
  70. CIS benchmark for Kubernetes v1.10 🌐
  71. De tekniske minimumskrav for statslige myndigheder 🇩🇰
  72. Google SAIF framework 🤖
  73. Recommandations relatives à l’administration sécurisée des SI (ANSSI) 🇫🇷
  74. Prudential Standard CPS 230 – Operational Risk Management (APRA) 🇦🇺
  75. Prudential Standard CPS 234 – Information Security (APRA) 🇦🇺
  76. Vehicle Cyber Security Audit (VCSA) v1.1 🚘
  77. Cisco Cloud Controls Framework (CCF) v3.0 ☁️🌐
  78. FINMA – Circular 2023/01 – Operational risks and resilience – Banks 🇨🇭
  79. Post-Quantum Cryptography (PQC) Migration Roadmap (May 2025) 🔐
  80. Cloud Sovereignty Framework – 1.2.1 – Oct 2025 🇪🇺
  81. ISO 22301:2019 outline – Business continuity management systems 🌐
  82. CCB CyberFundamentals Framework 2025 🇧🇪
  83. Prestataires de détection des incidents de sécurité (PDIS) – Référentiel d’exigences 🇫🇷
  84. Vendor Due Diligence – simple baseline – intuitem 🌐
  85. Points de contrôle Active Directory (AD) – ANSSI 🇫🇷
  86. ISO 42001:2023 outline – Artificial Intelligence Management System, including Annex A 🤖🌐
  87. India’s Digital Personal Data Protection Act (DPDPA) – 2023 🇮🇳
  88. E-ITS (Estonia’s national cyber security standard) – 2024 🇪🇪
  89. Microsoft cloud security benchmark v1 – ☁️🌐
  90. Baseline informatiebeveiliging Overheid 2 (BIO2) 🇳🇱
  91. ANSSI : Questionnaire MonAideCyber 🇫🇷
  92. ITSP.10.171 – Protecting specified information in non-Government of Canada systems and organizations 🇨🇦
  93. CISA Vendor Supply Chain Risk Management (SCRM) Template 🇺🇸
  94. European Sustainability Reporting Standards (ESRS) 🇪🇺
  95. ITIL 4 Management Practices 🌐
  96. NOREA – DORA in Control Framework v3.0 🇪🇺
  97. NIS-1 transposition FR 🇫🇷
  98. PSSI État 🇫🇷
  99. Checklist de dossier d’homologation 🇫🇷
  100. Cahier des charges Label EBIOS RM v3.1 🇫🇷
  101. SecNumCloud v3.2 Annexe 2 : recommandations aux commanditaires ☁️🇫🇷
  102. CCB CyberFundamentals Small – Self assessment 🇧🇪
  103. Mitre ATT&CK v18.1 – Threat catalog 🌐
  104. Mitre D3FEND – Reference controls 🌐
  105. OWASP Top 10 Web – Threat catalog 🐝🌐
  106. OWASP MAS Threat Modelling Guide – Threat catalog 🐝📱
  107. CISA Cybersecurity Performance Goals (CPG) v2.0 🇺🇸
  108. ANSSI : Référentiel Cyber France pour la réglementation NIS2 (ReCyF) 🇫🇷