Masanari Global · Risk Intelligence

Comprehensive
Cybersecurity Risk
Assessment Framework

A multi-domain assessment architecture mapping 60 structured questions across 12 security domains — aligned to NIST 800-53 Rev.5, FDA Guidance, EO 14028, M-23-16, and NIST CSF 2.0.

12
Security Domains
60
Assessment Questions
5
Regulatory Frameworks
300+
Mitigation Controls
NIST SP 800-53 Rev. 5· FDA Cybersecurity Guidance· Executive Order 14028· M-23-16 / M-22-18· NIST CSF 2.0· Supply Chain Risk Management· Vulnerability Disclosure· Zero Trust Architecture· SBOM Requirements· Incident Response· NIST SP 800-53 Rev. 5· FDA Cybersecurity Guidance· Executive Order 14028· M-23-16 / M-22-18· NIST CSF 2.0· Supply Chain Risk Management· Vulnerability Disclosure· Zero Trust Architecture· SBOM Requirements· Incident Response·
NIST 800-53 Rev. 5
SR-4 RA-5 SA-11 IA-2 SC-28 IR-8
FDA Guidance
TPLC Mgmt §6 CVD §7 Sec. Controls §5
Executive Order 14028
§4(e) SSCS §4(f) SBOM §3(c) ZTA §4(k) Disclosure
M-23-16 / M-22-18
SBOM Req. MFA §3.d Logging §4
NIST CSF 2.0
ID.SC PR.DS DE.CM RS.RP RC.CO
Assessment Architecture

Twelve Security Domains

Select a domain to explore assessment questions, control mappings, regulatory alignments, and mitigation best practices.

Supply Chain Risk Management

5 questions · SR-4 · SR-6 · SR-11 · CM-8

Vulnerability Management & Disclosure

5 questions · RA-5 · SI-2 · IR-8

Secure Development Practices

5 questions · SA-3 · SA-8 · SA-11 · CM-4

Authentication & Access Control

5 questions · IA-2 · AC-2 · AC-6 · SC-12

Encryption & Key Management

5 questions · SC-8 · SC-12 · SC-13 · SC-28

Network Security

5 questions · SC-7 · SI-4 · AC-17 · AC-18

Incident Response & Recovery

5 questions · IR-4 · IR-6 · IR-8 · CP-4

Security Updates & Patch Management

5 questions · SI-2 · RA-5 · CM-3 · SI-5

Asset Management & Inventory

5 questions · CM-8 · PM-5 · RA-2 · SI-4

Third-Party Risk Assessment

5 questions · SA-9 · SR-3 · SR-6 · AC-20

Cloud Security

5 questions · SA-9 · SC-28 · AC-3 · SI-4

Data Protection & Privacy

5 questions · RA-2 · SC-8 · SC-28 · CA-3