AnzenOT includes control assessment questionnaires for commonly referenced frameworks, including:

• ISA 62443-2-1

• NIST CSF

• NIST 800-53

• CMMC

• Mitre ICS Controls

• DoD Zero Trust Capabilities

More assessments will be added over time, and customers may also easily upload their own custom assessments using a simple .csv file format. Assessments can be stand-alone but their value comes in attaching them to a CyberPHA. Each question asks the user to indicate whether a control has been implemented and the estimated effectiveness of the control. There is also an optional control weighting that can be applied. The results of the control assessment are then used as one of the factors in determining risk assessment outcomes.