Cybersecurity Framework Coverage Assessment Checklist
Complete this checklist to evaluate your organization's cybersecurity framework coverage, identify gaps, and plan remediation actions.
Organization Name
*
Department or Team
*
Assessment Date
*
-
Month
-
Day
Year
Date
Assessor Name
*
First Name
Last Name
Cybersecurity Framework or Standard Being Assessed
*
Please Select
NIST Cybersecurity Framework (CSF)
ISO/IEC 27001
CIS Controls
COBIT
PCI DSS
HIPAA Security Rule
Other
Framework Scope / Coverage Area
*
Entire Organization
IT Infrastructure
Cloud Environment
Application Security
Operational Technology (OT)
Third-Party/Vendor Management
Other
Overall Maturity or Coverage Rating
*
Initial / Ad Hoc
1
2
3
4
Optimized
5
1 is Initial / Ad Hoc, 5 is Optimized
Status of Implemented Controls
*
Rows
Implemented
Partially Implemented
Not Implemented
Not Applicable
Access Control
1
2
3
4
Asset Management
5
6
7
8
Incident Response
9
10
11
12
Risk Assessment
13
14
15
16
Security Awareness Training
17
18
19
20
Network Security
21
22
23
24
Data Protection
25
26
27
28
Vulnerability Management
29
30
31
32
Evidence / Documentation Links or References
Identified Gaps or Missing Controls
*
Remediation Priority
*
High
Medium
Low
Owner / Assignee for Follow-Up
*
Target Remediation Date
-
Month
-
Day
Year
Date
Additional Comments or Observations
Submit Assessment
Should be Empty: