Announcing the CIS Top 20 Critical Security Controls Questionnaire

April 12, 2017

Whistic is pleased to announce our recent partnership with the Center for Internet Security. As part of this partnership Whistic now provides a CIS TOP 20 Critical Security Controls questionnaire on the Whistic platform.

Learn more about the CIS Top 20.

The CIS Critical Security Controls (CIS Controls) are a concise, prioritized set of cyber practices created to stop today’s most pervasive and dangerous cyber attacks. The CIS Controls are developed, refined, and validated by a community of leading experts from around the world.

Top 20 Controls Self-Assessment

Once an organization has completed the assessment they will be scored based on Whistic’s patent pending CrowdConfidence algorithm. A completed assessment can be used internally to ensure security gaps are known by the organization and can be addressed. They can also be shared externally with customers, partners, or auditors.

Here what the state of California had to say about the CIS Top 20 Critical Security Controls in the California Data Breach Report 2016

The set of 20 Controls constitutes a minimum level of security — a floor — that any organization that collects or maintains personal information should meet. The failure to implement all the Controls that apply to an organization’s environment constitutes a lack of reasonable security.”

In a SANS report on adoption and implementation of the Controls, they are described as providing:

“the prioritized guidance that cost-conscious executives are looking for when determining where best to invest their limited technology budgets.”

If you’d like to speak with a Whistic representative, please click here to schedule a conversation.

About Whistic

Whistic is an award winning risk assessment and analytics platform that makes it easy for companies to assess service providers or self assess against compliance and security standards (e.g. CIS Top 20 Critical Security Controls). Headquartered in Orem, Utah at the heart of the Silicon Slopes Whistic is the creator of the CrowdConfidence Scoring algorithm that leverages the wisdom of crowds to assess the inherent and residual risks of sharing data with a vendor. Whistic was the recipient of the “Best Enterprise” award at the World’s Largest Startup Event: Launch Festival 2016.

For more information about Whistic, visit:

cybersecurity security standards internet infosec

About the author


The latest insights and updates on information security and third party risk management.

Hate security reviews?
Want FREE AirPods?*

Offer valid for any decision-maker/influencer in relation to your company’s third-party risk management strategy. Company size must exceed 100 employees. Exclusions apply. Limit 1 pair per company.