What CiSACS Does


The Most Powerful and Comprehensive Industrial Risk Management and Compliance Tool

A comprehensive process and methodology is not the only thing that sets CiSACS apart. Now, CiSACS is powered by Modulo's award winning Risk Manager"'. CiSACS now provides the process as well as the framework and tools to provide you with the most powerful and comprehensive Industrial risk management and compliance tool available.

CiSACS provides a platform and mechanisms with which to analyze and manage all of the data collected from industrial security and compliance audits. tests and assessments. It can then automate risk calculations, correlate the data to organizational functions and business objectives, gauge compliance with multiple standards. help align internal standards with Industry standards, help prepare and manage mitigation strategies, manage work flow with task assignment and tracking, and consolidate policies and procedures into an organizational knowledgebase. The CiSACS Module also adds additional knowledge bases that include Industry and SCADA specific devices and applications.

One of the most notable features of CiSACS is its update feature, which automatically keeps asset owners up to date on the latest changes in industry standards, guidelines, best practices, and requirements, which can then be immediately applied to your infrastructure.

CiSACS allows for customized vulnerability severity ratings, asset prioritization, standards prioritization, and a full range of customizable reports generation. Finally, CiSACS provides support for Business Continuity and Disaster Recovery Plans, and offers several communication tools including an internal forum.

CiSACS helps organizations to:

  • Carry out Governance, Risk and Compliance gap analysis projects in an optimized way
  • Manage compliance and multiple risk assessments with a single tool
  • Carry out more efficient and cost-effective audits and assessments
  • Establish Physical. Operational and Cyber risk assessment management processes
  • Perform controls based as well as vulnerability based security assessments
  • Automatically calculate risk, fends, and compliance analysis
  • Develop multiple levels of customizable reports including
    • a risk scorecard and
    • comprehensive detailed reports complete with recommendations
  • Track how the organizations risk profile is evolving
  • Gauge and align your internal standards with your own internal policies and procedures
  • Support implementation requirements for your internal standards and industrial standards including, but not limited to:
    • ISO 17799 / 27002
    • ISO 27001
    • API 1164
    • ISA 99
    • NERC CIP
    • NIST 800-53
    • NIST 800-82
    • CFATS
    • TSA Pipeline Security Guidelines
  • Assess your environment against standards other than just security such as measurements, displays, etc.
  • Manage / Create Business Continuity and Disaster Recovery Plans for continuity and Succession planning
  • Manage remediation tasks with a ticketing system style work flow manager
  • Facilitate interdepartmental cohesion between Process Control and enterprise environments