All Tools

NIST CSF 2.0 Self-Assessment

Rate your cybersecurity maturity across all six NIST Cybersecurity Framework 2.0 Functions. Get an implementation tier, a per-function breakdown, and the weakest functions to prioritize.

Your weakest functions
    This is a directional self-assessment, not an official rating. NIST CSF 2.0 organizes cybersecurity outcomes into six Functions: Govern, Identify, Protect, Detect, Respond, and Recover. The framework describes four implementation tiers (Partial, Risk Informed, Repeatable, Adaptive) that characterize how you manage cybersecurity risk. Tiers are not a grade or certification, and there is no official CSF certification. This tool maps your self-ratings to an approximate tier so you can build a target profile and prioritize; a full assessment reviews the underlying Categories and Subcategories against your actual practices.

    Questions

    What are the six NIST CSF 2.0 Functions?

    NIST CSF 2.0 organizes cybersecurity outcomes into six Functions: Govern, Identify, Protect, Detect, Respond, and Recover. Govern was added in the 2.0 release and sits at the center, covering strategy, roles, policy, and oversight.

    What are the CSF implementation tiers?

    The framework describes four tiers that characterize the rigor of your cybersecurity risk governance and management practices: Tier 1 Partial, Tier 2 Risk Informed, Tier 3 Repeatable, and Tier 4 Adaptive. Tiers describe how you manage risk, not a grade or certification.

    Is NIST CSF a certification?

    No. The Cybersecurity Framework is a voluntary framework for organizing and improving your cybersecurity program. There is no official CSF certification, though many organizations use it to structure their program and report maturity to leadership and customers.

    Is this self-assessment free?

    Yes, it is free with no signup and nothing you rate is sent anywhere. If you want help building a target profile and closing the gaps, our team can run a full CSF assessment with you.

    Not ready for a call yet?

    Get the compliance playbook

    A few short notes from Jacob on maturing a cybersecurity program with NIST CSF. No fluff, unsubscribe in one click. Reply anytime; it reaches him directly.

    From Jacob Masse, founder of traztech. No spam, unsubscribe in one click.

    Want it done for you?

    NIST CSF Assessment

    We run a full CSF assessment and build your target profile and roadmap.

    Explore NIST CSF Assessment →

    Ready to raise your tier?

    We run a full NIST CSF 2.0 assessment, define your target profile, and build the roadmap to close the gaps across all six Functions. Turn this snapshot into a plan.

    See NIST CSF Assessment Book a call