Know Your Cybersecurity Posture

The supported standards are: NIST Cybersecurity Framework (CSF), ISO/IEC 27001:2022, Digital Operational Resilience Act (DORA) and NIST SP 800-171.

After the payment, you will access to the form where the desired standard can be selected from a dropdown menu. The relevant controls or requirements will appear grouped into tabs. For each requirement/control you have one of the following options: Compliant, Partially Compliant, Not Compliant or Not Applicable. A progress bar shows your completion status in real time. Once submitted, the system performs a preliminary check to identify any inconsistencies in the responses. If inconsistencies are found, they will be highlighted on the form, giving you the option to review and adjust your answers before finalising the submission or to proceed anyway. After that, the tool generates a results page with your overall compliance score, visual graphs and AI-generated remediation suggestions. A professional PDF report with all assessment details can be downloaded from the results page.

No. This is a self-assessment tool designed to help you evaluate the cybersecurity posture of your organization or project.

No. This tool is not a certification body and does not issue official certifications. However, it can help you prepare for audits or formal certification processes by identifying gaps and organizing your compliance posture clearly.

No. This tool is meant to provide insights into your current alignment with the selected standard and to support the definition of a plan of action. While a high score is a positive indicator, it does not replace the need for an official audit or certification process.

“Key Insights & Recommendations” are summary observations automatically generated for each pillar or section of the selected standard. They provide a high-level overview based on your answers and offer a general strategic advice to improve the overall compliance posture.

For all requirements marked with Not Compliant or Partially Compliant, CysComply uses AI to generate customised suggestions. The suggested actions are mapped to the selected standard and aim to help you address gaps effectively improving the compliance posture.

Not necessarily. Each organisation has its own structure, resources and context. The suggestions are meant as a professional starting point, but additional or alternative actions may be needed depending on your specific environment and risk profile.

Absolutely! The platform was developed with privacy-by-design as a core principle. No account creation or subscription is required; no contracts or personal identifiers are collected; the only information required is that necessary to process the payment, which is handled through a secure third-party provider; you are never asked for your name, company name, or any sensitive business data, unless you drop a message for further support; all responses to the assessment remain anonymous and the answers are not stored in any database.

Sure. Additional support can be provided in defining and managing the plan of action, including strategic advice, documentation and coordination with internal stakeholders or external providers. This service is offered remotely (European time zone) and is not included in the self-assessment fee. It can be arranged separately based on your specific needs: drop a message with the contact form and I will back to you soon to discuss.

I am a cybersecurity professional with a technical background and extensive experience in governance, risk and compliance. Over the years, I worked with private companies, the defense industry and international organisations, supporting complex compliance initiatives across multiple frameworks. Previously certified as a CEH (Certified Ethical Hacker), I also hold a Lead Auditor certification for ISO/IEC 27001:2013 from 2019.
I am very familiar with the practical challenges businesses face: from managing assessments in Excel spreadsheets to dealing with the high costs of specialized GRC platforms. This tool was built to offer all the key features needed to perform an internal self-assessment, helping you understand the current “as-is” situation before starting formal certifications or compliance programs. And with a competitive price that even small and mid-sized businesses can afford.