Auditors focused on cyber security most often utilize a control oriented approach to assessing an organization. The question is always, which controls should the auditor use as the foundation for the assessment? Often times the scope of an audit will focus on the controls defined by a particular standards body or regulatory group. Assessments based on control standards such as the CIS Controls, the NIST Cybersecurity Framework, PCI DSS, and others are some of the most popular types of audits performed. As a result, at AuditScripts, we have created a series of Microsoft Excel based audit tools that an organization can use to measure their compliance with such a standard and create easy to read dashboards that can be used inside of an audit report. The following audit tools were designed to make it easier for auditors to assess their organization and report potential concerns to leadership.

Available Compliance Audit Tools

CIS Critical Security Control v7.0 Assessment Tool
CIS Critical Security Control v6.1 Assessment Tool
NIST Cyber Security Framework Assessment Tool
NIST 800-171 Assessment Tool
GDPR Assessment Tool
HIPAA Assessment Tool
PCI DSS v3.2 Assessment Tool
PCI DSS v3.1 Assessment Tool
PCI DSS v3.0 Assessment Tool
PCI DSS v2.0 Assessment Tool
Australian Top 35 Assessment Tool
Industrial Control System Assessment Tool
NERC CIP v5 Assessment Tool
NERC CIP v4 Assessment Tool
NERC CIP v3 Assessment Tool