Cyber Resilience Reviews (CRRs)
Description
Developer/Partners: DHS (2020)
Relevant Hazard/Threat(s): Cyber disruption
Intent: No-cost, voluntary, non-technical assessment to evaluate an organization’s operational resilience and cybersecurity practices
The CRR is an interview-based assessment of an organization’s cybersecurity management program that seeks to understand the cybersecurity management of services, and their associated assets, that are critical for an organization’s mission success
Data Parameters
Inputs: Answers to guided questions on capabilities across ten resilience domains.
Outputs: Final report that measures existing organizational resilience as well as provide a gap analysis for improvement based on recognized best practices.
Caveats
Limited to cyber resilience