Cyber Incident Simulation - NIST Cybersecurity Framework (Post-Exercise)

JavaScript isn't enabled in your browser, so this file can't be opened. Enable and reload.

This is intended to be a risk management tool only. Any representations as to compliance, must be undertaken using separate procedures.

Instructions

The NIST Cybersecurity Framework and this self-assessment is structured as follows:

There are five Functions:
1. Identify
2. Protect
3. Detect
4. Respond
5. Recover

For each question, use the following scale:
1. Strongly Disagree
2. Disagree
3. Agree
4. Strongly Agree

To understand more about the NIST Cybersecurity Framework, click here:
https://nvlpubs.nist.gov/nistpubs/CSWP/NIST.CSWP.04162018.pdf

The results of this assessment will be provided in a report

Organisation Name *

Identify *

Develop an organisational understanding to manage cybersecurity risk to systems, people, assets, data, and capabilities. The activities in the Identify Function are foundational for effective use of the Framework. Understanding the business context, the resources that support critical functions, and the related cybersecurity risks enables an organisation to focus and prioritise its efforts, consistent with its risk management strategy and business needs. Examples of outcome Categories within this Function include: Asset Management; Business Environment; Governance; Risk Assessment; and Risk Management Strategy.

Strongly Disagree

Strongly Agree

Protect *

Develop and implement appropriate safeguards to ensure delivery of critical services. The Protect Function supports the ability to limit or contain the impact of a potential cybersecurity event. Examples of outcome Categories within this Function include: Identity Management and Access Control; Awareness and Training; Data Security; Information Protection Processes and Procedures; Maintenance; and Protective Technology.

Strongly Disagree

Strongly Agree

Detect *

Develop and implement appropriate activities to identify the occurrence of a cybersecurity event. The Detect Function enables timely discovery of cybersecurity events. Examples of outcome Categories within this Function include: Anomalies and Events; Security Continuous Monitoring; and Detection Processes.

Strongly Disagree

Strongly Agree

Respond *

Develop and implement appropriate activities to take action regarding a detected cybersecurity incident. The Respond Function supports the ability to contain the impact of a potential cybersecurity incident. Examples of outcome Categories within this Function include: Response Planning; Communications; Analysis; Mitigation; and Improvements.

Strongly Disagree

Strongly Agree

Recover *

Develop and implement appropriate activities to maintain plans for resilience and to restore any capabilities or services that were impaired due to a cybersecurity incident. The Recover Function supports timely recovery to normal operations to reduce the impact from a cybersecurity incident. Examples of outcome Categories within this Function include: Recovery Planning; Improvements; and Communications.

Strongly Disagree

Strongly Agree

Submit

Clear form

Never submit passwords through Google Forms.

This form was created inside of Incident Response Solutions Limited. Report Abuse

Forms