The Executive Report in ControlsInsight helps users understand the value of applying assessed security controls so that they can improve their security posture as reflected in the overall defense grade.
The first section of the report starts out by highlighting the overall grade based on current coverage of each security control and then expands on that to show the grade based on the each of the well known attack vectors the controls affect.
Next this section gives a summary of overall coverage for each of the evaluated high-level security controls, combined with a simple delta reflecting what the most recent change in coverage has been. This roll-up can give a quick overview of how well the evaluated controls are performing in your environment.
The next section the report outlines the recommended procedures to improve the overall security grade and reach a better security posture. As a convenience the report recommends the number of prioritized procedures to follow to reach the next grade. That number appears in the top right of the page.
Following these recommendations is a prioritized list of procedures that can be taken to improve overall security posture. Numbers indicate what effect these procedures can have on your overall defense grade when they reach a coverage of 100% in your environment.
Leveraging this information you can quickly evaluate how applying each control can affect your posture and establish priorities for implementing or improving effectiveness of controls.
For those among us that want a more detailed view of the coverages for each individual security control, the report provides an expanded list with the same simple deltas in the current status section.