CIS Risk Assessment Method

CIS RAM (Center for Internet Security® Risk Assessment Method) is an information security risk assessment method that helps organizations implement and assess their security posture against the CIS Controls cybersecurity best practices. CIS RAM provides instructions, examples, templates, and exercises for conducting a cyber risk assessment.

Complete the form to start downloading CIS RAM.

Security at every level
Developed by HALOCK Security Labs in partnership with CIS, CIS RAM provides three separate security approaches to support different levels of organizational capability.

  • New to risk analysis? You can use CIS RAM’s instructions for modeling foreseeable threats against the CIS Controls as your organization applies them.
  • Experienced with cybersecurity? Follow instructions for modeling threats against information assets to determine how the CIS Controls should be configured to protect them.
  • Cyber risk expert? Use CIS RAM’s instructions for analyzing risks based on “attack paths” using CIS’ Community Attack Model.

Want to learn more about CIS RAM?
Attend our upcoming webinar:
April 30th at 10:00AM EDT. 
Arrow_Green Register for CIS RAM webinar

Download CIS RAM
Fill out the form below to get started.


* Indicates required field

Your Information is Safe With Us

At CIS we clearly understand the meaning of securing your information. We only use your contact information to help develop better reports and information for our members, and to reach out to you to see if we have any other CIS products or services that might be of help.