NIST CSF 2.0
Cybersecurity
The NIST Cybersecurity Framework 2.0 is the most widely adopted cybersecurity framework globally, now expanded to serve organizations of every size and sector — not just critical infrastructure. This assessment maps your security programme against all six core Functions — Govern, Identify, Protect, Detect, Respond, and Recover — encompassing 22 categories and 106 subcategories. It reflects the landmark addition of the Govern function in the 2024 update, emphasizing cybersecurity as an enterprise risk requiring leadership oversight. Your results map directly to the CSF Implementation Tiers (Partial through Adaptive).
9
Domains
24
Questions
~24 min
Estimated Time
What You'll Be Assessed On
Scope & Context
Applicability Check
2 questions
GOVERN — Organizational Context & Strategy (GV.OC, GV.RM, GV.SC)
4 questions
GOVERN — Supply Chain Risk Management (GV.SC)
2 questions
IDENTIFY — Asset & Risk Management (ID.AM, ID.RA)
3 questions
PROTECT — Access Control & Awareness (PR.AA, PR.AT)
2 questions
PROTECT — Data Security & Platform Security (PR.DS, PR.PS)
3 questions
DETECT — Continuous Monitoring & Analysis (DE.CM, DE.AE)
2 questions
RESPOND — Incident Management (RS.MA, RS.AN, RS.CO, RS.MI)
3 questions
RECOVER — Recovery Planning & Execution (RC.RP, RC.CO)
3 questions
Step-by-Step
Answer questions one domain at a time with progress tracking.Instant Scoring
Get a weighted maturity score and per-domain breakdown immediately.Actionable Roadmap
Receive a phased remediation plan tailored to your results.
Takes approximately 24 minutes to complete.