Nationwide Cybersecurity Review (NCSR)
What is the Nationwide Cybersecurity Review?
The NCSR is a no-cost, anonymous, annual self-assessment. All states (and agencies), local governments (and departments), tribal nations, and territorial (SLTT) governments are encouraged to participate. It is designed to measure gaps and capabilities of SLTT governments’ cybersecurity programs and is based on the National Institute of Standards and Technology Cybersecurity Framework (NIST CSF)
Using the results of the NCSR, DHS delivers a bi-yearly anonymous summary report to Congress providing a broad picture of the cybersecurity maturity across the SLTT communities. The NCSR is hosted on a secure GRC software platform.
- Receive metrics specific to your organization to identify gaps and develop a benchmark to gauge year-to-year progress, as well as anonymously measure your results against your peers.
- Attain reporting and resources that can help you prioritize next steps towards desired cybersecurity improvement. For HIPAA compliant agencies, translate your NCSR scores to the HIPAA Security Rule scores of an automatic self-assessment tool.
- Gain access to a repository of informative references, such as NIST 800-53, COBIT, and the CIS Controls that can assist in managing cybersecurity risk.
- Fulfill the NCSR assessment requirement for the Homeland Security Grant Program (HSGP). Additional information located here: https://www.fema.gov/homeland-security-grant-program.
NCSR 2022 FAQs
- Provides answers to frequently asked questions specific to the NCSR
- Provides a high-level summary of the NCSR and its benefits.
NCSR General User Guide
- Provides end-user guidance on accessing and navigating the NCSR portal, as well as directions on completing the assessment. Information on the automated reports is also included.
NCSR Maturity Scale
NCSR Assessment Demo
View a demo of taking the NCSR. Learn how to register, login, and complete the assessment.
NCSR Completion Certificate
Provides directions on accessing the NCSR Completion Certificate.
NIST Cybersecurity Framework
- Provides additional information on the NIST Cybersecurity Framework, courtesy of the National Institute of Standards and Technology.
New to the NCSR? Please complete the registration form on this page.
Returning Participant? Please visit the NCSR portal at https://cis.my.logicmanager.com/. Use the General User Guide listed above to login to the platform and access your information.
Metrics Working Group Reference Guides
- Using Cybersecurity Metrics to Inform Stakeholders
- NCSR Data Reporting Template
- NIST CSF Policy Template Guide
- Cybersecurity Resources Guide
- Supply Chain Cybersecurity Resources Guide
- First Steps in Establishing Essential Cyber Hygiene
- Risk Assessment Guide
- The NCSR & Your HIPAA Security Rule Assessment
To join the Metrics Working Group, reach out to [email protected].
NCSR Sector Snapshots
Snapshots are documents highlighting higher and lower scoring areas for specific sub-sectors that participated in the NCSR. Snapshots do not list any scores but highlight resources that can be utilized to make improvements.
NCSR Summary Reports
For any questions, please contact us via e-mail at [email protected].