OBS Security Assessment Tool

Free, open-source assessments for ISO 27001/27002, NIS2, and CIS Controls v8. All data stays in your browser — no account, no tracking.

Start assessment Learn more
ISO 27001 ISO 27002 NIS2 CIS Controls v8 MIT
Capabilities

What it does

A guided questionnaire that maps your security controls against internationally recognised frameworks. Work through each domain, record your implementation status, and get an instant gap analysis — all without signing up or sending data anywhere.

ISO 27001 / 27002

Assess your ISMS controls against Annex A and the full ISO 27002 implementation guidance.

NIS2 Directive

Evaluate compliance with the EU NIS2 Directive requirements for network and information security.

CIS Controls v8

Measure your maturity against the CIS Critical Security Controls, organised into Implementation Groups.

Process

How it works

Three steps from start to actionable results.

Choose a template

Select a built-in framework template or import a custom JSON template to match your scope and objectives.

Complete the assessment

Answer each question at your own pace. Progress is saved automatically so you can resume at any time.

Review your results

See per-domain scores, identify gaps, and export a summary report for stakeholders or auditors.

Open source

Free & open source

Licensed under MIT. No sign-up, no telemetry, no data ever leaves your device. Inspect the source, run it locally, fork it, or contribute — it belongs to the community.

View on GitHub