Implementation Groups (IGs)
The CIS Controls are tailored to an organization's size and resources through three Implementation Groups. Each IG is a stepping stone, with IG2 including all of IG1, and IG3 including all of IG1 and IG2. Click each group to learn its focus.
Choose Your Organization's Profile
🌱
IG1: Basic Cyber Hygiene
🏢
IG2: For Growing Businesses
🏛️
IG3: For Mature Organizations
Click a group above
The description of the selected Implementation Group will appear here.
The 18 CIS Critical Security Controls
Version 8 of the CIS Controls consists of 18 top-level controls, which are broken down into 153 specific Safeguards. The controls are organized by activity, not by who manages the device. Click an icon to explore each control.
Explore the Controls
Click a control above
The purpose and key safeguards of the selected control will appear here.
