Assessment & Data Import File
The data you collect and input into the Excel data import file serves as the foundation for your CIS Critical Security Controls assessment in PowerBI.
The Excel data import file will serve as the data source for the PowerBI dashboard. Ensure that you update the pre-populated demo data in the Policy Defined, Control Implemented, Control Automated or Technically Enforced, Control Reported to Business, and Target Score columns based on your actual assessment before importing the data into PowerBI.
The Excel sheet has the following columns, some of which are pre-populated:
Control Number
The number of the CIS Control
Pre-populated (Do not change)
Control Name
The name of the CIS Control
Pre-populated (Do not change)
ID
The ID of the safeguard
Pre-populated (Do not change)
CIS Control Detail
The detail of the safeguard
Pre-populated (Do not change)
Implementation Group
The lowest implementation group of the safeguard
Pre-populated (Do not change)
Policy Defined
Assessed policy compliance status
Single-select
Control Implemented
Assessed implementation status
Single-select
Control Automated or Technically Enforced
Assessed automation and enforcement status
Single-select
Control Reported to Business
Assessed control reporting status
Single-select
Target Score
Target score for the safeguard
Numeric (0-4)
In-scope
Whether or not the safeguard is in scope for the assessment
Yes/No
Scoring
The assessment's scoring is based on the selected values for Policy Defined, Control Implemented, Control Automated or Technically Enforced, and Control Reported to Business.
Policy Defined
Pre-populated with demo data, this column is where you'll indicate the assessed policy compliance status for the associated sub-control. Each status maps to a 0-4 numeric score for that category.
Choose from the following single-select options:
Approved Written Policy (4)
Written Policy (3)
Partial Written Policy (2)
Informal Policy (1)
No Policy (0)
Control Implemented
Pre-populated with demo data, this column is where you'll indicate the implementation status for the associated safeguard. Each status maps to a 0-4 numeric score for that category.
Choose from the following single-select options:
Implemented on All Systems (4)
Implemented on Most Systems (3)
Implemented on Some Systems (2)
Parts of Policy Implemented (1)
Not Implemented (0)
Control Automated or Technically Enforced
Pre-populated with demo data, this column is where you'll indicate if the safeguard is enforced technically or otherwise automated. Each status maps to a 0-4 numeric score for that category.
Choose from the following single-select options:
Automated on All Systems (4)
Automated on Most Systems (3)
Automated on Some Systems (2)
Parts of Policy Automated (1)
Not Automated (0)
Some safeguards cannot be automated or technically enforced. These controls have been marked as “Not Applicable” and should not be changed.
Control Reported to Business
Pre-populated with demo data, this column is where you'll indicate if the safeguard is reported back to the business. Each status maps to a 0-4 numeric score for that category.
Choose from the following single-select options:
Reported on All Systems (4)
Reported on Most Systems (3)
Reported on Some Systems (2)
Parts of Policy Reported (1)
Not Reported (0)
Some safeguards cannot be automated or technically enforced. These controls have been marked as “Not Applicable” and should not be changed.
Target Score
Pre-populated with demo data, this is a numeric field where you can set the target score for that safeguard on a 0-4 scale. This will be used to compare the assessed score for each sub-control against what the organization is looking to achieve.
Importing the Data into PowerBI
After filing out the Excel sheet:
Save the Excel file in a location you can easily access
Open the PowerBI template
When prompted, enter the full filepath to the saved Excel file
Your PowerBI dashboard will automatically populate based on the data
Last updated