Record of Processing Activities 
Transfer Impact Assessment 
Privacy Impact Assessment 
Cybersecurity Risk Management 
Interactive Awareness Program Cybersecurity
Controls (CSC)
Track and manage cybersecurity controls across 8+ frameworks with automated GAP analysis. ISO/IEC 21827:2008 maturity levels, visual dashboards, and task-linked evidence management — all in one platform.
What is the CSC Module?
The Cybersecurity Management System (CSC) module provides a comprehensive set of baseline security controls aligned with the industry's most widely adopted frameworks. Instead of maintaining separate spreadsheets for each framework, CSC consolidates everything — giving your CISO, security team, and auditors a single source of truth for your organization's security posture.
8+ Compliance Frameworks Supported
From the minimum viable security baseline to enterprise-grade frameworks — coverage for every compliance requirement.
Security Compliance That Grows With You
Start with the free MVSP baseline and scale to full enterprise coverage as your compliance program matures.
8+ Compliance Frameworks in One Place
Stop managing separate spreadsheets for each compliance framework. The Unicis CSC module consolidates MVSP, GDPR, ISO 27001, EU NIS2, CIS, C5, NIST CSF 2.0, and SOC 2 controls into a single, unified dashboard — with cross-mapping support on the Ultimate plan.
- MVSP v1.0 (Minimum Viable Secure Product) — free, Community plan
- GDPR cybersecurity requirements — free, Community plan
- ISO/IEC 27001 — Premium plan
- EU NIS2 Directive — Premium plan
- CIS Critical Security Controls v8.1 — Premium plan
- C5 Cloud Computing Compliance — Premium plan
- NIST CSF 2.0 — Ultimate plan
- SOC 2 — Ultimate plan
ISO/IEC 21827:2008 Maturity Levels
Go beyond simple pass/fail control tracking. The Unicis CSC module uses the ISO/IEC 21827:2008 Systems Security Engineering Capability Maturity Model (SSE-CMM) to measure your security maturity at each control level — giving your CISO a true picture of your security posture.
- Unknown — not yet assessed
- Not Performed — no recognizable policy or control
- Performed Informally — started, but significant work remains
- Planned — in progress but incomplete
- Well Defined — mostly complete, lacks active enforcement
- Quantitatively Controlled — implemented and operating
- Continuously Improving — fully satisfied, auditor-evidenced
Visual Security Posture Dashboard
Your security posture at a glance. The CSC dashboard combines a pie chart showing control status distribution with a radar chart mapping maturity levels across security domains — giving executives and auditors an immediate visual of your compliance health.
- Pie chart — distribution of Implemented, In Progress, Not Started controls
- Radar chart — ISO/IEC 21827:2008 maturity per security domain
- Charts update automatically when any control status changes
- Multi-framework tabs for easy navigation between frameworks
- Ideal for board-level reporting and executive dashboards
Task-Linked Controls & Evidence Management
Controls are not just checkboxes — they are backed by evidence. Link each CSC control to one or more Unicis tasks that serve as implementation evidence. One task can support multiple controls, and one control can reference multiple tasks. No artificial limits.
- Link controls to tasks as auditor evidence
- No limit on tasks per control or controls per task
- Control table: Code, Section, Control name, Requirements, Status, Tasks
- Full audit trail: Created, Updated, Deleted events per control
- Also available as a native Jira Cloud app
Framework Access by Plan
Start free with MVSP and GDPR controls, and unlock more frameworks as your compliance needs grow.
Community
Free — start your compliance journey with MVSP and GDPR controls.
Premium
For teams scaling their compliance across multiple frameworks.
Ultimate
Full coverage with all frameworks and cross-mapping support.
Start your cybersecurity compliance program today
Join organizations using Unicis CSC to track controls, measure maturity, and demonstrate compliance across 8+ frameworks — starting for free.