Critical Start Quick Start Risk Assessments FAQs

Who can use Quick Start Risk Assessments?

Quick Start Risk Assessments is available to Critical Start and non-Critical Start customers.  

What is included with Quick Start Risk Assessments?

Quick Start Risk Assessments is a 15-question, brief version of the full NIST CSF assessment. The survey analysis includes security maturity ratings against best practices and Peer Benchmarking.

What is the difference between Quick Start Risk Assessments and Risk Assessments Essentials?

Quick Start Risk Assessments 

Risk Assessments Essentials 

  • Free, 15-question Quick Start Risk Assessments 
  • Includes Peer Benchmarking 
  • For anyone, even if they are not a Critical Start customer 
  • PAID Critical Start 108-question guided NIST CSF Assessment (quantitative maturity answers) 
  • Prescriptive definitions for each Capability Maturity Model Integration (CMMI) Maturity Level (available only for the NIST CSF Guided Assessment) 
  • Multiple quantifiable dimensions for each Maturity Level 
  • Prepare with a self-assessment, including the ability to attach evidence, assign reviewers, and set target dates 
  • Import previous assessments to Critical Start Platform for peer benchmarking, historical trends, and to get prioritized risk reduction recommendations.  
  • A more comprehensive assessment because of a greater number of questions and framework alignment 
  • Support for other frameworks and models like CIS, NIST CSF, ISO, etc., as a part of the same subscription 
  • Includes peer benchmarking

How long does it take to complete Quick Start Risk Assessments?

The Quick Start Risk Assessments questionnaire can be completed in minutes. There are 15 quantifiable, multiple-choice questions.  

When conducting a risk assessment, what systems should be considered?

All endpoint, cloud, software, hardware, and physical systems and devices that move data and traffic into, out of, and across your network should be considered when conducting cyber risk assessments. 

Are IoT and non-IT devices like HVAC systems considered physical systems?

Yes, all the physical systems through which a cyber threat can potentially be passed on to any software/hardware asset and can move onto a network should be considered in the assessment. 

How often can Quick Start Risk Assessments be performed?

Organizations can take fill out as many Quick Start Risk Assessments questionnaires as desired, as often as they want. 

What is the benefit of Quick Start Risk Assessments?

Quick Start Risk Assessments maps to 75% of the NIST CSF, revealing relevant information across many coverage areas for relatively little effort. You get peer benchmarking and prioritized Risk-Ranked Recommendations by just spending a few minutes 

What will the user see upon completing a Quick Start Risk Assessments questionnaire?

A non-Critical Start customer will see standalone recommendations and data elements of the completed survey that flow into the Cyber Risk Dashboard. The risk overview will only have one widget and a call to action on what to do to increase security posture, including adding MDR to their security tool portfolio. 

A Critical Start customer will see a more unified view within the Cyber Risk Dashboard, tying into other licensed and unlicensed offerings with additional calls to action. 

How long does it take to provision access to Quick Start Risk Assessments?

After completing the sign-up process, your access to Quick Start Risk Assessments will be provisioned within 24 hours. You’ll receive an email notification once your access is ready.

Benchmark your cybersecurity against peers with our Free Quick Start Risk Assessments tool!
This is default text for notification bar