Cybersecurity Performance Goals (CPG) Assessment Training

Location type


Description:  The CPG Training provides an overview of the Cross-Sector Cybersecurity Performance Goals (CPGs) as well as how to perform a CPG assessment using the CSET® tool. 

You'll learn how to: 

  • Perform a CPG assessment in CSET®
  • Utilize CPG Performance Summaries
  • Export a CPG assessment

General Information: This course is web-based, self-paced training. The course takes approximately 3 hours. 0.3 Continuing Education Units are awarded upon successful completion of the course. Difficulties? Email


Technology Requirements: For the course itself, the student does not need much in terms of technology. To take the class, they must have Internet access. 


In order to download CSET® if they'd like to participate in the course exercise where they complete a CSET® exercise, they'll need the following technology requirements (this comes from the CSET® website


Downloading and Installing CSET

The Cyber Security Evaluation Tool for CSET® provides a systematic, disciplined, and repeatable approach for evaluating an organization’s security posture. CSET is a desktop software tool that guides asset owners and operators through a step-by-step process to evaluate industrial control system (ICS) and information technology (IT) network security practices. Users can evaluate their own cybersecurity stance using many recognized government and industry standards and recommendations.

System Requirements for Local Installation

It is recommended that users meet the minimum system hardware and software requirements prior to installing CSET. This includes:

  • Pentium dual core 2.2 GHz processor (Intel x86 compatible)
  • 6 GB free disk space
  • 4 GB of RAM
  • Microsoft Windows 10 or higher
  • Microsoft .NET Core 5.0 Runtime (included in CSET installation)
  • SQL Server 2019 Express LocalDB (included in CSET installation)

Other Items of Note:

For all platforms, it is recommended the user upgrade to the latest Windows Service Pack and install critical updates available from the Windows Update web site to ensure the best compatibility and security.


Cross-sector Cybersecurity Performance Goals (CPG)


Evaluate whether a minimum baseline of cybersecurity technologies and practices are implemented in information technology (IT) and operational technology (OT) environments in small- and medium-sized organizations


  • The Cross-sector Cybersecurity Performance Goals (CPG) training course is designed to empower students to facilitate a CPG assessment using the Cyber Security Evaluation Tool (CSET)


  • The CPGs are a prioritized subset of information technology (IT) and operational technology (OT) cybersecurity practices that critical infrastructure owners and operators can implement to meaningfully reduce the likelihood and impact of known risks and adversary techniques


  • The goals were informed by existing cybersecurity frameworks and guidance, as well as by real-world threats and adversary tactics, techniques, and procedures (TTPs) CISA and its government and industry partners observed


  • By implementing these goals, owners and operators will reduce risks to both critical infrastructure operations and to the American people.


  • The assessment process depends on in-person interviews leveraging CSET to track responses, conduct posture analysis, and generate a report



Assessment Lead

Course Length

3 hours

Course Mode



Please click here to register for the course.

If you have questions, please contact for assistance.