In this exercise, we will review the use of Milestones to show how Continuous Assessments can help us use a single assessment to review progress over time.
Ideally, this exercise should be done at least 1 day after Reference Assessments and Target Profiles.
During the previous exercises, we worked with the NIST CSF Full Assessment titled HOL IT
Assessment (test) that we created during the first exercise. Now we will create a new milestone for this assessment that will then allow us to show progress over time. In this case, not much time has passed, but this would typically be used after 6 to 12 months when redoing an assessment.
Adding a Milestone to An Assessment
1. Navigate to the HOL IT Assessment (test) assessment.
2. Under the name of the assessment, select the Add Mileston option.
Add Milestone option
3. On the New Milestone modal, enter
- a Milestone Name, for example, Original Assessment.
- set the Date to yesterday’s date
4. Click Save.
5. From the list of assessments on the left, on the HOL IT Assessment (test) box, click the down chevron.
Expand to view
View two versions of the HOL IT Assessment (test).
Two versions
6. Increase the values of the first 11 questions of the HOL IT Assessment (test) to the maximum value (FI - Fully Implemented) corresponding to all the objectives under Asset Management and Business Environment.
Notice that the HOL IT Assessment (test) shows today’s values in the middle, and past values associated with the “Original Assessment” to the left. This is the progress made since the first time the assessment was taken.
Axio recommends, to create a new Milestone each time an assessment is redone. This builds a history of assessment values while keeping a single overall assessment – otherwise known as Continuous Assessments.