DOCUMENTATION

Reports & Evidence

Access, download, and understand your CIS-approved assessment reports for compliance audits and documentation.

What are Reports?

Reports are CIS-approved and certified documents that can be downloaded as PDF files and presented as proof during an audit. These comprehensive reports provide detailed evidence of your organization's compliance status with CIS Benchmark standards for Microsoft 365.

Audit-ready: ConfigCobra reports are designed to meet audit requirements and can be directly submitted to auditors, compliance teams, or stakeholders as official documentation of your security posture.

Log in to ConfigCobra

Access the ConfigCobra application using your credentials.

Navigate to Reports page

Go to the Reports section where you can view and download all your past assessment reports.

Go to the Reports tab where you can see all of your past assessments (both automated and manual). Learn more about how to run an assessment or about scheduled scans.

View assessment outcomes

Browse through all your past assessments and see their outcomes, dates, and status information.

You can see the outcomes of each assessment displayed in the reports list, including the assessment date, benchmark type, and overall compliance status.

Download reports

Export your assessment reports as PDF files for audit purposes or documentation.

You can download any report using the action button on the right side of each report. Reports are available as CIS-approved and certified PDF files that can be presented as proof during audits.

Explore report details

Open any report to view detailed summary information and benchmark-specific results.

Opening up a report, you can see:

Summary tab – Overview of the assessment results, compliance scores, and key findings
Details tab – Results organized by benchmark. Opening each benchmark shows the individual control results and the configurations in your tenant

Understanding Assessment Outcomes

Reports display three different types of outcomes for each control assessment. Understanding these outcomes helps you prioritize remediation efforts and track your compliance progress.

Pass

The control is fully compliant with the CIS Benchmark requirement. All configuration settings meet the specified criteria.

Fail

The control does not meet the CIS Benchmark requirement. One or more configuration settings are not compliant and require remediation.

Partial Pass

The control partially meets the CIS Benchmark requirement. Some configuration settings are compliant, but others need attention.

Report Structure

1
Summary Tab
High-level overview including compliance scores, total controls assessed, pass/fail/partial pass counts, and key recommendations.
2
Details Tab
Detailed results organized by benchmark. Each benchmark can be expanded to view individual control results, configurations in your tenant, remediation steps, and audit evidence.

Previous: Rule Sets Next: Scheduled Scans