

Unified GRC platform decoupling compliance from cybersecurity controls
CISO Assistant is a multi-paradigm GRC platform that decouples compliance from security controls, enabling reusability, smart linking, and automation across 35+ built-in frameworks.

CISO Assistant reimagines Governance, Risk, and Compliance (GRC) by decoupling compliance tracking from cybersecurity controls. This separation enables teams to reuse assessments across multiple frameworks, evaluate a single scope against several standards simultaneously, and eliminate redundant data entry. Built with an API-first architecture, the platform supports both UI-driven workflows and external automation.
The platform ships with 35+ pre-loaded frameworks—including ISO 27001, NIST CSF, NIS2, SOC2, PCI DSS, GDPR, and CMMC—alongside integrated risk assessment and remediation tracking workflows. An open format allows teams to import custom frameworks using simple syntax, while rich import/export capabilities span UI, CLI, Kafka, and report generation.
Developed by Intuitem, CISO Assistant addresses tool fragmentation and data duplication challenges faced by cybersecurity and IT professionals. Its multi-paradigm design adapts to diverse methodologies, and smart object linking creates a central hub that promotes interoperability and simplification. Self-hosting options via Docker and a cloud SaaS trial make deployment straightforward for teams of any size.
Multi-Framework Compliance Mapping
Evaluate a single security scope against ISO 27001, NIST CSF, and NIS2 simultaneously, reusing control assessments to reduce audit preparation time by 60%.
Automated Risk Remediation Tracking
Integrate CISO Assistant APIs with ticketing systems to automatically sync remediation tasks, ensuring real-time visibility into control implementation status.
Custom Framework Import for Industry Standards
Import proprietary or sector-specific frameworks using the open format, enabling compliance tracking for internal policies alongside public standards.
Centralized GRC Hub for Distributed Teams
Provide a single source of truth for cybersecurity controls, risk assessments, and compliance evidence across global offices, reducing data duplication and inconsistencies.
CISO Assistant separates control implementation from compliance tracking, so a single control can satisfy requirements across multiple frameworks without re-assessment.
Yes. Use the provided Docker Compose scripts for self-hosting on your infrastructure, or try the cloud SaaS free trial for faster onboarding.
35+ frameworks ship out-of-the-box, including ISO 27001, NIST CSF, NIS2, SOC2, PCI DSS, GDPR, CMMC, DORA, and Essential Eight. Custom frameworks can be imported.
All platform functions are accessible via REST APIs, enabling automation, CI/CD integration, and data exchange with external tools like SIEM, ticketing, or BI systems.
Yes. The Docker deployment is lightweight, and the decoupling model reduces manual work, making it practical for teams of any size managing one or more frameworks.
Project at a glance
Active. Last synced 4 days ago.