Cyber Resilience Review

Overview
The Cyber Resilience Review (CRR) is a complimentary, voluntary program provided by the Cyber Security Evaluation Program (CSEP) within the Department of Homeland Security to develop an understanding of an organization's operational resilience and ability to manage cyber risks to its critical services and assets. The CRR pays special attention to protection and sustainment practices with their ten established key domains of cyber resilience, generating a report that summarizes observed strengths and weaknesses in each domain.

The report also suggests general guidance or activities to improve the cybersecurity posture and preparedness of the organization. CRR resource guides in the series include these areas: asset management, controls management, configuration and change management, vulnerability management, incident management, service continuity management, risk management, external dependencies management, training awareness, and situational awareness.

Source

 * Cybersecurity A Primer for State Utility Regulators, App. C.