mirror of
https://github.com/mukul975/Anthropic-Cybersecurity-Skills.git
synced 2026-06-13 14:44:58 +03:00
mukul975
117 lines
4.0 KiB
Markdown
117 lines
4.0 KiB
Markdown
# CISA ZTMM Assessment Template
|
|
|
|
## Organization Information
|
|
- **Organization Name**: _______________
|
|
- **Assessment Date**: _______________
|
|
- **Assessment Lead**: _______________
|
|
- **Pillar Owners**:
|
|
- Identity: _______________
|
|
- Devices: _______________
|
|
- Networks: _______________
|
|
- Applications: _______________
|
|
- Data: _______________
|
|
|
|
## Pillar Assessment Worksheet
|
|
|
|
### Identity Pillar
|
|
|
|
| Function | Traditional | Initial | Advanced | Optimal | Current | Evidence |
|
|
|---|---|---|---|---|---|---|
|
|
| Authentication | [ ] | [ ] | [ ] | [ ] | ___ | |
|
|
| Identity Stores | [ ] | [ ] | [ ] | [ ] | ___ | |
|
|
| Risk Assessment | [ ] | [ ] | [ ] | [ ] | ___ | |
|
|
| Access Management | [ ] | [ ] | [ ] | [ ] | ___ | |
|
|
| Identity Lifecycle | [ ] | [ ] | [ ] | [ ] | ___ | |
|
|
| Visibility & Analytics | [ ] | [ ] | [ ] | [ ] | ___ | |
|
|
| Automation & Orchestration | [ ] | [ ] | [ ] | [ ] | ___ | |
|
|
| Governance | [ ] | [ ] | [ ] | [ ] | ___ | |
|
|
|
|
### Devices Pillar
|
|
|
|
| Function | Traditional | Initial | Advanced | Optimal | Current | Evidence |
|
|
|---|---|---|---|---|---|---|
|
|
| Policy Enforcement | [ ] | [ ] | [ ] | [ ] | ___ | |
|
|
| Asset Management | [ ] | [ ] | [ ] | [ ] | ___ | |
|
|
| Device Compliance | [ ] | [ ] | [ ] | [ ] | ___ | |
|
|
| Device Threat Protection | [ ] | [ ] | [ ] | [ ] | ___ | |
|
|
| Visibility & Analytics | [ ] | [ ] | [ ] | [ ] | ___ | |
|
|
| Automation & Orchestration | [ ] | [ ] | [ ] | [ ] | ___ | |
|
|
| Governance | [ ] | [ ] | [ ] | [ ] | ___ | |
|
|
|
|
### Networks Pillar
|
|
|
|
| Function | Traditional | Initial | Advanced | Optimal | Current | Evidence |
|
|
|---|---|---|---|---|---|---|
|
|
| Network Segmentation | [ ] | [ ] | [ ] | [ ] | ___ | |
|
|
| Threat Protection | [ ] | [ ] | [ ] | [ ] | ___ | |
|
|
| Encryption | [ ] | [ ] | [ ] | [ ] | ___ | |
|
|
| Network Resilience | [ ] | [ ] | [ ] | [ ] | ___ | |
|
|
| Visibility & Analytics | [ ] | [ ] | [ ] | [ ] | ___ | |
|
|
| Automation & Orchestration | [ ] | [ ] | [ ] | [ ] | ___ | |
|
|
| Governance | [ ] | [ ] | [ ] | [ ] | ___ | |
|
|
|
|
### Applications & Workloads Pillar
|
|
|
|
| Function | Traditional | Initial | Advanced | Optimal | Current | Evidence |
|
|
|---|---|---|---|---|---|---|
|
|
| Access Authorization | [ ] | [ ] | [ ] | [ ] | ___ | |
|
|
| Threat Protection | [ ] | [ ] | [ ] | [ ] | ___ | |
|
|
| Accessibility | [ ] | [ ] | [ ] | [ ] | ___ | |
|
|
| Application Security | [ ] | [ ] | [ ] | [ ] | ___ | |
|
|
| Visibility & Analytics | [ ] | [ ] | [ ] | [ ] | ___ | |
|
|
| Automation & Orchestration | [ ] | [ ] | [ ] | [ ] | ___ | |
|
|
| Governance | [ ] | [ ] | [ ] | [ ] | ___ | |
|
|
|
|
### Data Pillar
|
|
|
|
| Function | Traditional | Initial | Advanced | Optimal | Current | Evidence |
|
|
|---|---|---|---|---|---|---|
|
|
| Data Inventory | [ ] | [ ] | [ ] | [ ] | ___ | |
|
|
| Data Categorization | [ ] | [ ] | [ ] | [ ] | ___ | |
|
|
| Data Availability | [ ] | [ ] | [ ] | [ ] | ___ | |
|
|
| Data Access | [ ] | [ ] | [ ] | [ ] | ___ | |
|
|
| Data Encryption | [ ] | [ ] | [ ] | [ ] | ___ | |
|
|
| Visibility & Analytics | [ ] | [ ] | [ ] | [ ] | ___ | |
|
|
| Automation & Orchestration | [ ] | [ ] | [ ] | [ ] | ___ | |
|
|
| Governance | [ ] | [ ] | [ ] | [ ] | ___ | |
|
|
|
|
## Gap Analysis Summary
|
|
|
|
| Pillar | Current Stage | Target Stage | Gap | Priority |
|
|
|---|---|---|---|---|
|
|
| Identity | ___ | Advanced | ___ | ___ |
|
|
| Devices | ___ | Advanced | ___ | ___ |
|
|
| Networks | ___ | Advanced | ___ | ___ |
|
|
| Applications | ___ | Advanced | ___ | ___ |
|
|
| Data | ___ | Advanced | ___ | ___ |
|
|
|
|
## OMB M-22-09 Compliance Checklist
|
|
|
|
- [ ] Phishing-resistant MFA deployed for all agency staff
|
|
- [ ] Complete device inventory with EDR coverage
|
|
- [ ] DNS and HTTP traffic encrypted
|
|
- [ ] Applications treated as internet-connected with regular testing
|
|
- [ ] Data categorization and automated discovery implemented
|
|
|
|
## Roadmap Priorities
|
|
|
|
### Quick Wins (0-3 months)
|
|
1. _______________
|
|
2. _______________
|
|
3. _______________
|
|
|
|
### Short-term (3-6 months)
|
|
1. _______________
|
|
2. _______________
|
|
3. _______________
|
|
|
|
### Medium-term (6-12 months)
|
|
1. _______________
|
|
2. _______________
|
|
3. _______________
|
|
|
|
### Long-term (12-24 months)
|
|
1. _______________
|
|
2. _______________
|
|
3. _______________
|