NIST CSF 2.0 Maturity Assessment
The NIST Cybersecurity Framework 2.0 organizes your security program into six core functions: it answers who is accountable, what you have, how you protect it, how you detect problems, how you respond, and how you recover.
Most organizations are strong in one or two functions and weak everywhere else. Rate your maturity across all six below and get an AI-built 90-day roadmap in minutes.
⏳ Takes about 2 minutes | Most organizations score below Tier 2 on their first assessment
1. Govern
Establish and monitor your cybersecurity risk management strategy, expectations, and policy.
2. Identify
Understand your organization's assets, data, and risks so security effort goes where it matters most.
3. Protect
Implement safeguards to secure critical assets and limit the impact of a potential security event.
4. Detect
Find and analyze possible cybersecurity attacks and compromises as early as possible.
5. Respond
Take action once a cybersecurity incident is detected to contain its impact.
6. Recover
Restore assets and operations affected by a cybersecurity incident and reduce the impact of future events.
Rate Your Maturity (1–4)
1=Partial | 2=Risk Informed | 3=Repeatable | 4=Adaptive
Policies, strategy, and supply chain risk management.
Asset management and risk assessment.
Access control, awareness, and data security.
Anomalies, events, and continuous monitoring.
Incident management, analysis, and mitigation.
Recovery planning and improvements.
Overall Maturity: Tier 1 — Partial
Most mid-size organizations score between Tier 1–2 on initial assessment.
Your Strategic Roadmap
Analyzing gaps and building your
90-day execution plan...
Your roadmap is ready — let’s build it together.
EnGrossed Advisory specializes in turning NIST CSF assessments into working security programs at any budget.
Schedule a Free Strategy Session →