Full 108-control NIST CSF 2.0 coverage with heat-map scoring at the function level. QFX templates support the Govern, Identify, Protect, Detect, Respond, and Recover functions with maturity-graded responses.
NIST Cybersecurity Framework 2.0 — 108 controls, six functions
Includes the new Govern (GV) function added in CSF 2.0 — risk management strategy, oversight, and policy mapping.
Five-level CMMI-style scale per control with partial-credit scoring rolled to a 0–100% function score. Beats binary pass/fail.
NIST CSF is the default scoring framework for M&A Cyber Diligence engagements — the heat map drives the executive Cyber Diligence Pack.
Each CSF control is mapped — evidence collected for CSF satisfies the corresponding SOC 2 TSC and ISO Annex A controls.
Function-level (GV / ID / PR / DE / RS / RC) maturity heat map ready for board reporting.
Controls with no evidence flagged with recommended remediation path — assign training, publish policy, run assessment.
Coverage percentages tracked quarter-over-quarter — proves the program is maturing, not regressing.
Verisq generates the artifacts your auditors and regulators expect — on demand, with current data, with framework mappings embedded.