Watkins NIST Cybersecurity Framework Excel Workbook Rollup

NIST CSF Excel Workbook

Watkins Consulting designed an Excel-based workbook to automate the tracking of cybersecurity compliance activities with respect to the National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF). We are pleased to offer a free download of this Excel workbook. Upon downloading and deciding to use this tool, please register it so we can send you update notices. If you need help expanding this assessment into governance or need help with cybersecurity compliance efforts, please contact us at solutions@watkinsconsulting.com.

The download link is below.


In 2014 NIST published version 1.0 of the Framework for Improving Critical Infrastructure Cybersecurity to help improve the cybersecurity readiness of the United States. Although it is intended use is in the critical infrastructure sectors as indicated in Presidential Executive Order 13636, the framework is general and can be used by any firm to evaluate their cybersecurity preparedness.

The core of the framework is to categorize cybersecurity into five functions: Identify, Protect, Detect, Respond, and Recover. These are then broken down into more specific categories and sub-categories. Watkins views the sub-categories as 98 best practices covering the breadth of cybersecurity issues. A firm that is able to describe their strategies and tactics across these 98 sub-categories can be assured of the breadth of their cybersecurity practice and is likely on track to create an effective implementation of that practice.

In order to assist our clients, Watkins has built an Excel workbook that automates the tracking of cyber risk management by sub-category with a rollup to category and function. The intent of the workbook is to provide a straightforward method of record keeping which can be used to facilitate risk assessments, gap analysis, and historical comparisons.

An immediate benefit is that our clients, contacts, and everyone on the web can download and use the NIST CSF Excel workbook. It is our hope that this tool will reduce the level of clerical work involved, allowing you to immediately engage in the important work of effective cybersecurity governance. Watkins is offering this tool for your use free of charge; however, we do recommend that you register your tool so that you can receive version updates as they become available. We recommend that you let us know that you are using the Excel workbook by sending us an email.

The purpose of this tool is to record responses and calculate corresponding scores. Should your institution require further explanation of results or interpretation of the FFIEC Cybersecurity Assessment requirements, please contact us at solutions@watkinsconsulting.com or (888) 230-3032.

Download Information

The Excel file is a macro-free file and uses latest Excel Microsoft Office Open XML Format which does not allow for macros. The file size is 67,625 bytes (67 KB) and the SHA-1 checksum is E6E065D3B06712A13AE1EBC8E297516169ECF619.

Free Excel Cybersecurity Assessment Tool Change Log

Version (link) Change SHA-1
1.01 Internal release only  
1.02 (link) Prepared for external use E6E065D3B06712A13AE1EBC8E297516169ECF619

Tags: cybersecurity, internal controls, risk management