ITSELECT Executive Cockpit online guide

1. Overview

ITSELECT Executive Cockpit turns technical, organisational and governance signals into executive indicators. It is not designed to replace a SOC, SIEM or full ITSM platform. Its purpose is to give decision-makers a clear view of digital exposure, maturity, priorities and progress over time.

01MeasureWebsite, email, DNS, SSL, HTTP security, Microsoft 365 Lite and maturity diagnostics.

02PrioritiseRisk classification, critical gaps and executive-level action priorities.

03ManageHistory, board-level reports, 30/60/90-day roadmap and client follow-up over time.

2. Roles and access

The platform relies on strict role separation. A client only sees its own organisation, domains, scans, diagnostics, reports and authorised users. ITSELECT administrators supervise active clients, accounts, logs and platform configuration.

Role	Purpose	Main access
itselect_admin	Global administration	All clients, users, logs, reports, settings and administration pages.
itselect_consultant	Advisory follow-up	Assigned clients, diagnostics, scans, reports and operational support.
client_admin	Client manager	Organisation, domains, scans, diagnostics, client profile and users within scope.
client_viewer	Read-only access	Executive view, history, risks and reports for the organisation.

3. Client profile and modules

The client profile is the organisation reference point. It gathers the core information required to interpret scans, diagnostics and reports correctly.

Client overviewOrganisation name, primary domain, profile status, contacts, context and completion level.

Enabled modulesIT governance, NIS2, DORA, Microsoft 365, technical controls, reports and relevant client options.

Good practice: enable only the modules that are useful for the client to keep the experience focused and executive-friendly.

4. Executive cockpit

The main page consolidates technical health, IT governance, NIS2 and DORA when these diagnostics are enabled. It must help an executive understand what is under control, what remains exposed and which actions should be launched.

Maturity scoreMeasures what is already in place: practices, controls, ownership, documentation, evidence and steering capability.

ITSELECT Exposure Index™Measures what remains exposed: residual risks, priority gaps, weak signals and organisational or technical vulnerabilities.

Recommended reading: a high maturity score does not mean absence of risk. An organisation may have many practices in place while still carrying a significant Exposure Index™ on critical areas.

Consolidated view by pillars: technical, governance, NIS2, DORA.
Top priority risks and 30 / 60 / 90-day roadmap.
Contextual messages depending on enabled modules.
Clear separation between public demonstration and authenticated client cockpit.

5. Automated controls

The Controls module analyses visible fundamentals of the organisation. Results are saved in history to compare progress over time.

WebsiteHTTPS, SSL, certificate expiry, redirects, security headers, HSTS, CSP and availability.

Email & DNSSPF, DKIM, DMARC, MX, DNS consistency, domain configuration and email protection signals.

ResultsReadable statuses, associated risks, recommendations and scan-by-scan remediation follow-up.

6. Microsoft 365 Lite

Microsoft 365 is connected through read-only Microsoft Graph access. The client grants administrator consent, then the cockpit reads only the information needed for governance assessment.

Tenant and domain information.
Users, guest accounts and disabled accounts.
Administrator roles and governance signals.
Reports available according to granted permissions.
Secure Score when the additional permission is enabled.

Data minimisation: the cockpit must not ingest business content. It does not read emails, SharePoint documents or passwords.

7. Risk Engine

The Risk Engine converts technical results and diagnostic answers into understandable risks. It avoids showing a raw list of controls and produces a prioritisation that management can use.

CriticalHighMediumLow

Each risk can be new, persistent, resolved, worsened or improved. This makes it possible to track real progress beyond a simple point-in-time score.

8. Integrated diagnostics

Diagnostics complement automated scans with maturity and governance analysis. Each diagnostic can be enabled or disabled per client.

IT GovernanceAlignment, responsibilities, suppliers, budget, continuity, documentation and steering.

NIS2 ReadinessRisk management, incidents, continuity, suppliers, accountability and expected evidence.

DORA LiteDigital resilience and good practices for concerned or exposed organisations.

DORA can remain disabled by default when the organisation is not a financial entity or a critical ICT supplier to a financial entity.

9. History and progress

History keeps scans and allows teams to track score, control and risk evolution. For a client user, the view remains strictly limited to their organisation.

Latest scan and previous scan.
Evolution by domain and pillar.
New, resolved, persistent, improved or worsened risks.
Detailed findings and traceability by date, client and domain.

10. Board-level reports

Reports convert results into documents that a management committee, board of directors or monthly review meeting can read. They can be printed as browser PDF, sent by email and archived in the report history.

Browser PDFEmailHistoryScore & recommendations30/60/90 roadmap

11. Multi-client administration

The ITSELECT admin space manages clients, domains, users, invitations, password resets, enabled diagnostics, scheduled scans, logs and operational settings.

Client managementCreate, suspend, define primary domain, enabled modules, users, roles and access.

SchedulingWeekly, monthly or quarterly scans, execution follow-up and result review.

For the ITSELECT_Admin profile, the default landing page is administration: /cockpit/admin.html in FR and /cockpit/en/admin.html in EN.

12. Mini-CRM

The mini-CRM complements the cockpit with a simple commercial and relationship view, without turning ITSELECT into a heavy CRM tool. It tracks clients, prospects, context, status, next actions and opportunities linked to diagnostics or scans.

Centralise useful advisory follow-up information.
Prepare follow-ups after a diagnostic or report.
Document exchanges without collecting unnecessary data.
Keep commercial steering separate from technical data.

13. Logs and traceability

Logging is structured to provide visibility without exposing unnecessary sensitive data. It helps understand actions, errors and cockpit usage.

Activity logDate, event type, client, user, role, email, IP, result, short message and limited technical context.

Specialised logsLogins, emails, internal searches, CTAs, invitations, resets, functional errors and scans.

MaintenanceCleanup, controlled retention, admin review and limited data collection.

14. Security and good practices

The cockpit should remain restrained in the data it collects. It stores scores, statuses, risks, recommendations, reports and useful logs, but should not collect unnecessary content such as emails, SharePoint files, passwords or excessive personal data.

KeepScores, scan dates, domains, risks, recommendations, access logs, reports, statuses and steering evidence.

AvoidEmail content, internal documents, passwords, technical secrets and unnecessary personal data.

Public / private separation: the commercial demonstration should remain under /demo/. The /cockpit/ folder should be reserved for authenticated users, excluded from the sitemap and not exposed in internal search.

Recommended use

For a pilot client, ITSELECT can start with a monthly technical scan, a quarterly governance diagnostic, a NIS2 review where relevant and a board-level report after each cycle.

Access the cockpit Schedule a review