Filling security assessments

Security assessments are meant for evaluating an organization's readiness against a common security framework, like NIS2 or ISO 27001.

This article describes how to fill in an assessment and, for example, how to create an account with your assessment information.

Related article: Managing and sending vendor security assessments

Creating / Initiating the assessment

A security assessment in Cyberday can be started in 3 different ways.

Receiving a "Vendor security assessment request" from your customer

In this case, you will receive an email request from your customer, who wants (or is required) to monitor your information security better.

The email you'd receive looks like this:

Initiating a security assessment from your Cyberday account

If you're already a Cyberday user, you can still use a security assessment to quickly evaluate your readiness for, e.g., other security frameworks.

If you've worked towards ISO 27001 in Cyberday, you can create an assessment to see your initial compliance with, e.g., SOC2, and go through the remaining tasks to understand how much work it would take to comply.

To create a security self-assessment from your Cyberday account, head to Reporting -> + New report -> Assessment.

Initiating a security assessment from the Cyberday.ai website

It is also possible to create a security assessment without a Cyberday account and without a vendor request, through the Cyberday.ai website.

In this case, you can first fill in the information to estimate your compliance, and then decide whether you'd like to create a Cyberday account.

Filling the security assessment

Categorize tasks according to your current operations

The main thing in the assessment is to categorize the listed tasks properly:

  • Include the tasks you have at least something done for
  • Set the task status to the most accurate value (Fully done / Mostly done or Partly done)

If you select "Mostly done" or "Partly done", the assessment will require you to fill in more details. If you select "Fully done", no additional details are needed, as your implementation is expected to include at least the things in the task description.

See the report of results

After you've made progress on the assessment, you can click "Preview the results".

This will take you to a report of your assessment results. You will see in which themes you did better and worse, the overall compliance score, and the details of the measures you described.

Tip: You can print the report for e.g. internal communication.

Create your Cyberday account (if you don't yet have one)

If you created the assessment without an already existing Cyberday account, filling the assessment is a great way to start your Cyberday journey!

As the last step of your assessment flow, you'll be invited to create your account.

All selections you made in the assessment and the content you filled in will be imported to your ISMS if you decide to create the account.
