Skip to main content

Assess Specified Systems in an Assessment Plan

This article defines how build an assessment plan for a single or selected set of systems.

Michael Compisi avatar
Written by Michael Compisi
Updated over 2 years ago

Organizations may want to perform an assessment on a single system or designated systems within their environment. Traditional CyMetric assessment plans assemble ALL the systems that have the same obligation or regulatory requirement into one assessment plan. CyMetric also enables users to assess specified system or systems to be included in an assessment plan.

Create Assessment Plan

To get started, click on Assessments from the left navigation area and click on the green Create Plan button from the top right portion of the screen. Select Compliance Objective from the available options and click Next. Choose the desired Compliance Objective from the list of regulations or security frameworks and click Next. The Filters page has been enhanced to include an option for System(s). To assess by information system, click on the System(s) radio button.

CyMetric will present all the Information Systems that have the selected obligation or framework chosen in the previous screen. Select the system or multiple systems from the list to include in your Assessment by checking the box next to the appropriate system(s). Click on the Add Systems button at the bottom when finished.

CyMetric returns the User to the Filters page with more detail on the systems selected. If the User needs to modify the selections, they can click on the Edit Selection link to add or subtract from their list. To move to the next screen, click the Next button.

Provide a name for the Assessment, the Assessment Owner and a Planned Completion Date in the fields. NOTE: It is suggested that the Assessment Name be descriptive to communicate the focus of the Assessment. Click on the Next button to continue. Review the parameters of the Assessment Plan to ensure it is accurate. CyMetric will display a list of the INCLUDED System(s) as well as a list of the EXCLUDED systems. To view those systems, click on the View link in each of the respective areas.

If everything looks appropriate, click on the Confirm and Create Plan button to assemble the Assessment plan. To review how to execute an Assessment Plan, please review the article: Executing an Assessment or Audit of your Compliance Program

Did this answer your question?