In this exercise, we will review the use of Milestones to show how Continuous Assessments can help us use a single assessment to review progress over time.
During the previous exercises, we worked with the NIST CSF Full Assessment titled HOL IT Assessment (test) that we created during the first exercise. Now, we will create a new milestone for this assessment, allowing us to show progress over time. In this case, only a little time has passed, but this would typically be used after 6 to 12 months when redoing an assessment.
- Navigate to the HOL IT Assessment (test) assessment.
Under the name of the assessment, select the Add Mileston option.
On the New Milestone modal, enter
- a Milestone Name, for example, Original Assessment.
- set the Date to yesterday’s date
- Click Save.
From the list of assessments on the left, on the HOL IT Assessment (test) box, click the down chevron.
View two versions of the HOL IT Assessment (test).
Increase the values of the first 11 questions of the HOL IT Assessment (test) to the maximum value (FI - Fully Implemented) corresponding to all the objectives under Asset Management and Business Environment.
Notice that the HOL IT Assessment (test) shows today’s values in the middle and past values associated with the “Original Assessment” to the left. This is the progress made since the first time the assessment was taken.
Axio recommends creating a new Milestone each time an assessment is redone. This builds a history of assessment values while keeping a single overall assessment, otherwise known as Continuous Assessments.