6igma Group / Cyber Risk OS

Subsidiary 03

CyberRisk
Architecture
OS

Enterprise Risk Governance

The world's first enterprise cyber risk operating system — delivering a single-pane-of-glass view of organizational risk through the EISSM Score and the EISSAF Framework.

Launch Platform Read the MCRAM Book

The Score

EISSM Score

Enterprise Score 734 Strong Posture

Just as a credit score gives lenders a single trusted number to assess financial risk, the EISSM Score gives Boards, Regulators, and Risk Managers a single quantified number to assess enterprise cyber risk.

It eliminates the ambiguity of traditional risk reporting — replacing sprawling risk registers and inconsistent assessments with a clear, defensible, data-driven number that every stakeholder can understand and act on.

Quantified Risk Rating Board-Ready Reporting Regulatory Grade Benchmarkable

The Framework

EISSAF

The Enterprise Information Systems Security Architectural Framework is a three-dimensional model spanning 4 layers, 3 perspectives, 4 attributes, and 3 lenses — producing 48 dimensional cells that together define the complete surface of enterprise cyber risk. Codified across 7 volumes and 4,000+ pages in the MCRAM book series by Dr. Wole Akpose.

Layers 4
Strategic
Business
Systems
Operational
Perspectives 3
People
Policies
Technology
Attributes 4
Confidentiality
Integrity
Availability
Privacy
Lenses 3
Threat
Defence
Impact
4 × 3 × 4 × 3 = 48 Dimensional Cells — The Complete Enterprise Risk Surface

Who Uses It

Built for Every
Risk Stakeholder

Cyber Risk Analysts
Deep-dive into EISSAF dimensional scores, run assessments, and produce structured risk outputs with a rigorous, repeatable methodology.
Risk Managers
Monitor the enterprise EISSM Score, track risk posture over time, prioritize remediation, and allocate resources to the highest-impact areas.
Auditors
Leverage the EISSAF Framework as a structured audit lens to independently assess and verify enterprise cyber risk posture with defensible evidence.
Boards
Receive clear, jargon-free EISSM Score reporting that translates technical cyber risk into the business language boards need for governance oversight.
Regulators
Use the EISSM Score as a standardized benchmark for cross-organization risk comparison, regulatory reporting, and sector-wide oversight.
Access the Platform