Home / News / NIST Issues Draft Self-Assessment Tool for Cybersecurity Mgmt Efforts

NIST Issues Draft Self-Assessment Tool for Cybersecurity Mgmt Efforts

cyberThe National Institute of Standards and Technology has unveiled a self-assessment tool in a move to help organizations assess the effectiveness of their cybersecurity risk management initiatives.

NIST said Thursday the draft Baldrige Cybersecurity Excellence Builder integrates the Baldrige Performance Excellence Program‘s organizational performance evaluation strategies with the Cybersecurity Framework‘s risk management mechanisms.

The Baldrige program partnered with NIST’s applied cybersecurity division, Federal Chief Information Officer Tony Scott’s office and industry partners to develop the builder.

The tool is designed to help organizations determine cybersecurity-related activities that will support business strategy and services delivery, prioritize risk management investments, assess the results of cybersecurity efforts and identify priorities for improvement, according to NIST.

NIST added the builder will work to help users implement a process to define cybersecurity characteristics and situations of an organization as well as identify the organization’s cybersecurity methods and results achieved through those approaches.

Organizations can also use the tool’s assessment rubric to determine their cybersecurity maturity level as “reactive,” “early,” “mature,” or “role model,” the agency said.

NIST also collaborated with the Office of Management and Budget’s Office of Electronic Government and Information Technology and private sector representatives to create the draft self-assessment tool.

A public comment period on the draft will be open until Dec. 15, 2016.

Check Also

Defense Innovation Board Highlights Three Themes in Draft Software Acquisition & Practices Study

The Defense Innovation Board issued a draft copy of its Software Acquisition and Practices study and the congressionally mandated SWAP study has three fundamental themes. The first theme deals with the role of speed and cycle time as metrics for software management.

Leave a Reply

Your email address will not be published. Required fields are marked *