Control Library

The AXIS Control Library

The AXIS assessment scores 37 IAM controls across 9 identity domains, from privileged access to customer identity. Each entry below shows what the control asks and what failure looks like at low maturity, plus the compliance frameworks that cite it. 9 of them are domino controls: foundational capabilities that cap an organization's overall maturity score when they are weak, because everything downstream depends on them.

The Domino Concept

Why Some Controls Cap Your Score

A program with excellent access reviews but unmanaged admin credentials has a mature audit trail around an open door. The AXIS model encodes this: the weakest domino control caps the overall score, and the cap only lifts once that control reaches solid ground. The exact cap schedule is part of the scoring model. Averages hide weak foundations. The cap does not.

Score Your Program Against All 37 Controls

These pages show the teaser layer. The assessment itself walks you through the full rubric behind every control, applies the domino cap, and benchmarks the result against your industry. No signup required to start.