ITSELECT platform online guide

1. Overview

ITSELECT Executive Cockpit turns technical and organisational signals into executive indicators. It is not designed to replace a SOC, SIEM or full ITSM platform. Its purpose is to give decision-makers a clear view of digital exposure, priorities and progress over time.

2. Roles and access

The platform relies on strict role separation. A client only sees its own domains, scans, diagnostics and reports. ITSELECT administrators supervise active clients and the platform configuration.

3. Executive cockpit

The main page summarises the situation around the ITSELECT Exposure Index™. It consolidates technical health, IT governance, NIS2 and DORA when these diagnostics are enabled for the client.

• Overall score: quick reading of digital exposure.
• 4 pillars: technical, governance, NIS2 and DORA.
• Top risks: consolidated priority risks.
• Roadmap: 30 / 60 / 90-day actions.

Non-essential diagnostics can be disabled per client to keep the client view simple.

4. Automated controls

The Controls module analyses visible fundamentals of the organisation. The scan button runs the checks and saves the result in history.

5. Microsoft 365 Lite

Microsoft 365 is connected through read-only Microsoft Graph access. The client grants administrator consent, then the cockpit reads only the information needed for governance assessment.

• Tenant and domain information.
• Users, guest accounts and disabled accounts.
• Administrator roles.
• Reports available according to granted permissions.
• Secure Score when the additional permission is enabled.

MFA reading may remain an assisted verification depending on permissions, licences and reporting availability in the tenant.

6. Risk Engine

The Risk Engine converts technical results and diagnostic answers into understandable risks. It avoids showing a raw list of controls and produces a prioritisation that management can use.

Each risk can be new, persistent, resolved, worsened or improved over time.

7. Integrated diagnostics

Diagnostics complement automated scans with maturity and governance analysis. Each diagnostic can be enabled or disabled per client.

DORA can remain disabled by default if the organisation is not a financial entity or a critical ICT supplier to a financial entity.

8. History and progress

History keeps scans and allows teams to track score, controls and risk evolution. For a client user, history is strictly limited to their organisation.

• Latest scan and previous scan.
• Score evolution by domain.
• New, resolved and persistent risks.
• Traceability by date, client and domain.

9. Board-level reports

Reports convert results into documents that a management committee can read. They can be printed as browser PDF, sent by email and archived in the report history.

10. Multi-client administration

The ITSELECT admin space manages clients, domains, users, invitations, password resets, enabled diagnostics and scheduled scans.

• Create and suspend clients.
• Add domains and define the primary domain.
• Invite users with a secure link.
• Reset passwords through a temporary token.
• Schedule weekly, monthly or quarterly scans.
• Log client connections.

11. Security and good practices

The platform should remain restrained in the data it collects. It stores scores, statuses, risks and governance information, but should not collect unnecessary content such as emails, SharePoint files or passwords.