All processing happens locally in your browser. No data is sent to any server.
Sources & Methodology
Data Sources
| Framework | Document | Version / Date | Publisher | Official URL | Verified |
|---|---|---|---|---|---|
| NIST | SP 800-53 Rev.5 + CSF 2.0 | Rev.5 Sept 2020 · CSF 2.0 Feb 2024 | NIST | csrc.nist.gov ↗ | Mar 2026 |
| DORA | Regulation (EU) 2022/2554 | Jan 2023, applicable Jan 2025 | European Parliament | eur-lex.europa.eu ↗ | Mar 2026 |
| GDPR | Regulation (EU) 2016/679 | May 2018 | European Parliament | gdpr-info.eu ↗ | Mar 2026 |
| NIS2 | Directive (EU) 2022/2555 | Jan 2023 | European Parliament | eur-lex.europa.eu ↗ | Mar 2026 |
| CRA | Regulation (EU) 2024/2847 | Nov 2024 | European Parliament | eur-lex.europa.eu ↗ | Mar 2026 |
Editorial Methodology
Controls were extracted from official publications, normalised into a consistent format, and categorised editorially. Cross-framework mappings (e.g. DORA to NIST) reflect common industry interpretations and are not official guidance from NIST or any regulatory body. Implementation tiers for NIST controls are based on NIST CSF 2.0 maturity model guidance and represent editorial assessment, not official tier assignments.
Disclaimer
This tool is provided for informational purposes only and is currently in beta. We do not guarantee completeness, accuracy, or reliability of the data presented. Always verify details against the official source documents independently. This tool does not constitute legal or compliance advice.
Feedback
Found an error or have suggestions? Contact us ↗
Tier 1 = Partial (ad hoc) → Tier 4 = Adaptive
(continuous improvement).
Source: nist.gov/cyberframework
📊 Assess My Organisation — NIST CSF 2.0
Select your current implementation tier for each CSF function. Results are stored in your browser session only — no data is sent to any server.