Critical Start Quick Start Risk Assessment FAQs

Who can take a Quick Start Risk Assessment?

Quick Start Risk Assessments are available to Critical Start and non-Critical Start customers.  

What is included with the Quick Start Risk Assessments?

The Quick Start Risk Assessment is a 15-question Assessment included in our expanded MDR service for no additional charge. It is a brief, approximated version of the NIST CSF assessment. It has 14 single-select questions (the last (15th) question is more for information gathering). The survey analysis includes security maturity ratings against best practices and Peer Benchmarking.

What is the difference between Quick Start Risk Assessment and Risk Assessment Essentials?

Quick Start Risk Assessment 

Risk Assessment Essentials 

  • Free, 15-question Quick Start Risk Assessment 
  • Includes Peer Benchmarking 
  • For anyone, even if they are not a Critical Start customer 
  • PAID Critical Start 108-question guided NIST CSF Assessment (quantitative maturity answers) 
  • Prescriptive definitions for each Capability Maturity Model Integration (CMMI) Maturity Level (available only for the NIST CSF Guided Assessment) 
  • Multiple quantifiable dimensions for each Maturity Level 
  • Prepare with a self-assessment, including the ability to attach evidence, assign reviewers, and set target dates 
  • Import previous assessments to Critical Start Platform for peer benchmarking, historical trends, and to get prioritized risk reduction recommendations.  
  • A more comprehensive assessment because of a greater number of questions and framework alignment 
  • Support for other frameworks and models like CIS, HITRUST, ISO, etc., as a part of the same subscription 
If I have participated in the Quick Start Survey, will my data appear in the free Quick Start Risk Assessment by default?

Yes, if you have participated in the Quick Start Survey during August-September, your assessment data will be preloaded into the free Quick Start Risk Assessment by default.  


How long does it take to complete a Quick Start Risk Assessment?

The Quick Start Risk Assessment can be completed in minutes. There are 15 quantifiable, multiple-choice questions.  

When conducting a risk assessment, what systems should be considered?

All endpoint, cloud, software, hardware, and physical systems and devices that move data and traffic into, out of, and across your network should be considered when conducting cyber risk assessments. 

Are IoT and non-IT devices like HVAC systems considered physical systems?

Yes, all the physical systems through which a cyber threat can potentially be passed on to any software/hardware asset and can move onto a network should be considered in the assessment. 

How often can a Quick Start Risk Assessment be performed?

Organizations can take fill out as many Quick Start Risk Assessment questionnaires as desired, as often as they want. 

What is the benefit of the Quick Start Risk Assessment?

Our Quick Start Risk Assessment maps to 75% of the NIST CSF, revealing relevant information across many coverage areas for relatively little effort. You get peer benchmarking and prioritized risk reduction recommendations by just spending a few minutes 

What will the user see upon completing a Quick Start Risk Assessment?

A non-Critical Start customer will see standalone recommendations and data elements of the completed survey that flow into the Cyber Risk Dashboard. The risk overview will only have one widget and a call to action on what to do to increase security posture, including adding MDR to their security tool portfolio. 

A Critical Start customer will see a more unified view within the Cyber Risk Dashboard, tying into other licensed and unlicensed offerings with additional calls to action. 

How long does it take to provision access to the Quick Start Risk Assessment?

After completing the sign-up process, your access to the Quick Start Risk Assessment will be provisioned within 24 hours. You’ll receive an email notification once your access is ready.