Cyber Security Vulnerability Assessment

Developed by the DHS National Cyber Security Division (NCSD) CIP CS Program, the Cyber Security Vulnerability Assessment (CSVA) is a flexible and scalable approach that analyzes an entity’s cybersecurity posture and describes gaps and targeted considerations that can reduce overall cyber risks.

The CSVA assesses the policies, plans, and procedures in place to reduce cyber vulnerabilities and leverages various recognized standards, guidance, and methodologies (e.g., International Organization for Standardization 27001, Information Systems Audit and Control Association (ISACA), Control Objects for Information and Related Technologies (COBIT), and the NIST Special Publication 800 series).