This Cybersecurity Self-Assessment is designed to provide insight to those responsible for achieving regulatory compliance and protecting assets. The assessment is a high-level evaluation that will help determine the cybersecurity preparedness level of the organization based on the widely adopted National Institute of Standards and Technology (NIST) Cybersecurity Framework.

The NIST Cybersecurity Framework requires adopters to; (1) have the capability to Identify cyber threats and vulnerabilities, (2) Protect themselves accordingly with security controls and defenses, (3) have the capability to Detect if security controls have been compromised, (4) Respond to cyberattacks, incidents and breaches and lastly, (5) Recover from cyber-attacks, incidents and breaches.

Read each statement carefully and then assign a numeric value using the assessment scale below. The numeric value assigned to the statement should be most representative of your organization’s current capability or status.