Cyber Resilience Reviews (CRRs)

Developer/Partners: DHS (2020)

Relevant Hazard/Threat(s): Cyber disruption

Intent: No-cost, voluntary, non-technical assessment to evaluate an organization’s operational resilience and cybersecurity practices

The CRR is an interview-based assessment of an organization’s cybersecurity management program that seeks to understand the cybersecurity management of services, and their associated assets, that are critical for an organization’s mission success

Inputs: Answers to guided questions on capabilities across ten resilience domains.
Outputs: Final report that measures existing organizational resilience as well as provide a gap analysis for improvement based on recognized best practices.

Limited to cyber resilience