The at the National Institute of Standards and Technology announces the release of the , version 1.1. This update to the voluntary self-assessment tool reflects the and the , Version 1.1, managed by NIST’s Applied Cybersecurity Division. This version features an increased focus on
- ensuring an efficient and effective cybersecurity supply network;
- ensuring that all your organization’s suppliers fulfill their cybersecurity-related roles and responsibilities; and
- understanding linkages among your organization’s context, processes, and results.
The Baldrige Cybersecurity Excellence Builder helps organizations better understand the effectiveness of their cybersecurity risk management efforts in the context of their overall characteristics, strategic situation, and goals. It is intended for use by leaders and managers—senior leaders, chief security officers, and chief information officers, among others—who are concerned with and responsible for mission-driven, cybersecurity-related policy and operations.
Version 1.1 includes the following sections:
- Questions for self-assessing your cybersecurity-related processes and results
- Assessment rubric
- Glossary of key terms
- Benefits of using the self-assessment tool, by organizational role
- Crosswalk between the Baldrige Cybersecurity Excellence Builder and the Cybersecurity Framework
This self-assessment tool blends the Baldrige Program’s organizational assessment approaches with the concepts and principles of the Cybersecurity Framework. The Cybersecurity Framework assembles and organizes standards, guidelines, and practices that are working effectively in many organizations. It also includes informative references that are common across critical infrastructure sectors. In the Baldrige approach as applied to cybersecurity, an organization manages all areas affected by cybersecurity as a unified whole. The system consists of cybersecurity-related approaches in the areas of leadership, strategy, customers, measurement/knowledge management, workforce, and operations, as well as the results achieved.
- Free Download (PDF)
- (Printed copies)
In addition, registration is open for the Baldrige Cybersecurity Workshop on Sunday, April 7, 2019, in conjunction with the Baldrige Quest for Excellence Conference, Gaylord National Harbor, National Harbor, Maryland. Using a case study approach, the workshop will familiarize you with the Baldrige Cybersecurity Excellence Builder through presentations, discussions, and exercises.
For more information on Baldrige products and services, contact the Baldrige Program at 301-975-2036 or .