Cybersecurity Self-Assessment
This Cybersecurity Self-Assessment is designed to provide insight to those responsible for achieving regulatory compliance and protecting assets. The assessment is a high-level evaluation that will help determine the cybersecurity preparedness level of the organization based on the widely adopted National Institute of Standards and Technology (NIST) Cybersecurity Framework.
The NIST Cybersecurity Framework requires adopters to; (1) have the capability to Identify cyber threats and vulnerabilities, (2) Protect themselves accordingly with security controls and defenses, (3) have the capability to Detect if security controls have been compromised, (4) Respond to cyberattacks, incidents and breaches and lastly, (5) Recover from cyber-attacks, incidents and breaches.
The assessment is segmented into five Sections (Identify, Protect, Detect, Respond, Recover). Each section contains several statements. Read each statement carefully and then assign a numeric value using the assessment scale below. The numeric value assigned to the statement should be most representative of your organization’s current capability or status.
Numeric Value Statement Compliance
| 1 | Disagree |
| 2 | Somewhat Disagree |
| 3 | Somewhat Agree |
| 4 | Agree |
After assigning a numeric value to all statements for a section, add all numeric values for a section total and refer to the results recommendation section.
Let's Find Your Score
The organization maintains a complete and up-to-date inventory of all hardware, software, systems, and data assets, classified by criticality and business value.