How to Raise Your Compliance Score in CYRISMA
CYRISMA's Compliance Score is not influenced by simply completing compliance assessments or filling out audit documentation. Instead, it is dynamically calculated based on tactical and technical security implementations across your environment. This ensures your score reflects real-world security posture, not just paper-based compliance.
Written by Liam Downward
Updated at April 30th, 2025
- User Manual
- Self Onboarding Guide
- Agents
- The Cyber Risk Assessment Process
- API Documents
- General Questions and Troubleshooting
- The Cyber Risk Assessment Process (Video Tutorials)
- Sales and Prospecting Articles
- CYRISMA Partner Portal Access
- Glossary
- CYRISMA Change Log
- Support Ticket SLA
- Onboarding Framework
- PSA Integrations
- Billing Questions
Table of Contents
Key Actions That Improve Your Compliance Score
To positively impact your compliance score, focus on these core areas:
1. Deploy the Active Directory (AD) Monitor
CYRISMA assesses security settings within your Active Directory. A misconfigured AD is a major vulnerability and impacts compliance scoring. Ensure:
AD monitor is deployed and active
Key security policies (e.g., password complexity, account lockout policies) are properly enforced
2. Integrate Microsoft Secure Score
We utilize Microsoft Secure Score data to evaluate endpoint, identity, and cloud security configurations. You can raise your compliance score by:
Linking your Microsoft 365 environment
Implementing recommended actions within Microsoft Secure Score
Regularly reviewing and maintaining your secure score posture
3. Utilize Shadow IT and Risk Profiling
Shadow IT insights allow you to detect unapproved software and risky apps. Improve your compliance scoring by:
Running regular Shadow IT scans
Reviewing the Risk Profile Setup under Shadow IT
Classifying applications by risk level (High / Medium / Low)
🧠 Tip: If you don’t configure risk levels in Shadow IT, no risk will be assigned—impacting your visibility and scoring.
Common Misconceptions
“I completed a HIPAA Assessment, why didn’t my score improve?”
The platform scores technical safeguards, not documentation alone.