CIS Controls

The CIS Controls provide easy-to-follow guidance on securing the various domains of your IT infrastructure. The CIS Controls map to compliance standards: NIST, SOC2, GDPR, HIPAA, and PCI.

List

 CIS Control 1: Inventory and Control of Enterprise Assets
 CIS Control 2: Inventory and Control of Software Assets
 CIS Control 3: Data Protection
 CIS Control 4: Secure Configuration of Enterprise Assets and Software
 CIS Control 5: Account Management
 CIS Control 6: Access Control Management
 CIS Control 7: Continuous Vulnerability Management
 CIS Control 8: Audit Log Management
 CIS Control 9: Email and Web Browser Protections
 CIS Control 10: Malware Defenses
 CIS Control 11: Data Recovery
 CIS Control 12: Network Infrastructure Management
 CIS Control 13: Network Monitoring and Defense
 CIS Control 14: Security Awareness and Skills Training
 CIS Control 15: Service Provider Management
 CIS Control 16: Application Software Security
 CIS Control 17: Incident Response Management
 CIS Control 18: Penetration Testing

References

 https://www.cisecurity.org/controls/cis-controls-list