GUIDEBOOK, TOOL

Cyber Resilience Reviews (CRRs)

Publicly Accessible

Description

Developer/Partners: DHS (2020)

Relevant Hazard/Threat(s): Cyber disruption

Intent: No-cost, voluntary, non-technical assessment to evaluate an organization’s operational resilience and cybersecurity practices

The CRR is an interview-based assessment of an organization’s cybersecurity management program that seeks to understand the cybersecurity management of services, and their associated assets, that are critical for an organization’s mission success

Data Parameters

Inputs: Answers to guided questions on capabilities across ten resilience domains.
Outputs: Final report that measures existing organizational resilience as well as provide a gap analysis for improvement based on recognized best practices.

Caveats

Limited to cyber resilience