Get your bundle

Deliver CIS Controls as a recurring service

Go from understanding CIS Controls to delivering them as a managed service. Our bundle provides a practical rollout plan and technical companion that translates complex controls into clear, actionable steps for stronger client cybersecurity.

Get your bundle
The CIS controls implementation guide and the CIS controls guide companion, one in front of the other.

A smarter way to deliver CIS controls

Turn assessment to action

Your clients assume you have a security plan, and now you will. From initial assessment to implementation and beyond, you’ll have everything you need to build a strategic cybersecurity roadmap while giving your team the clarity to execute it with confidence.

Simplify complex frameworks

CIS Controls can feel overwhelming when dealing with three Implementation Groups and over 150 safeguards at once. The guide simplifies IG1, IG2 and IG3 into clear, sequenced phases and translates each sub-control into a strategy your whole team can act on.

Lean on your experts

We’ve helped over 12,000 MSPs since 1998 and we can help yours too. We’re there every step of the way to ensure everything goes smoothly, from co-creating security assessment templates to building the product stack that turns CIS Controls into billable, scalable services.

Two essential tools in one practical approach

Most MSPs understand the CIS Controls framework, but struggle with tranforming it into an actionable service offering. This bundle closes that gap by providing two complementary resources designed to help you plan and launch effective client cybersecurity strategies.

The implementation guide

As the strategic roadmap, the implementation guide helps translate CIS Controls into a practical, client-ready delivery model and provides:

  • A time-based rollout plan that’s easy to follow
  • A five-stage maturity model to guide implementation and progress
  • Technical requirements translated into clear, client-facing outcomes

The technical companion

Designed for technical teams, the companion guide removes implementation ambiguity by breaking down all 18 CIS Controls and sub-controls into simple terms, so you can:

  • Understand what to implement and why it matters
  • Align implementation across all teams
  • Reduce inconsistencies in execution across various client environments
  • Map controls to other compliance standards

Everything you need for a successful CIS rollout

  • A phased implementation roadmap so you know what to deploy each quarter
  • Plain-language breakdowns of all 18 controls and their sub-controls
  • Guidance on selecting the right implementation group for each client
  • Assessment checklists and gap analysis tools to use in client engagements
  • Framework mappings for clients with multiple compliance needs
  • Templates and MSP-specific tips built into every phase of the rollout
Office Protect interface shown on a laptop

Get your bundle

Get instant access to the CIS Implementation Bundle. Fill out the form to receive both the implementation guide and technical companion.

Built for MSPs who:

  • Know CIS Controls but haven’t operationalized them
  • Want to launch or grow a managed security offering
  • Need a repeatable, scalable way to deliver cybersecurity services
  • Are tired of translating frameworks into real-world execution

Compiled by:

Roddy Bergeron is the Cybersecurity Technical Fellow at Sherweb. He helped build an MSP's managed service, managed security, vCISO, and compliance programs from the ground up. With certifications including MCSE, CCNA Security, CEH, CCSP, CISSP, and CSAP, he has spent his career turning complex security frameworks into practical service delivery. If you have a CIS Controls question, he probably has the answer.

Portrait of Roddy Bergeron Roddy Bergeron, CISSP, CCSP, CSAP