Cyber Resilience Review (CRR)
CRR is a non-technical control framework created by the Department of Homeland Security. It is intended to evaluate the operational resilience and effectiveness of cybersecurity practices organizations have in place.
What’s included?
- Security Assessment addressing all CRR control requirements
- Risk Assessment for Environmental, Human, IT, and Business Risks
- Compliance Calendar and Real-Time Dashboards
- Policies, plans, and procedures for complying with CRR requirements
- Incident Response Management and Reporting
- Acknowledgement Tracking for Policies, Acceptable Use, Employee Handbooks, and more
- Business Continuity Strategy, Plan, Testing, and Reporting Templates
- Vendor Due Diligence Procedure, Automated Risk Ranking, Assessments, and Reporting
- Security Awareness: Annual, New Hire, Functional/Role-Based Training and Reporting
- Automated Weekly Status Reports and On-Demand Complete Assessment Reports