DigitalGovernance — Board-Level Digital-Risk Dashboard (NIST CSF 2.0)
14 NIST CSF 2.0 categories scored across the 6 functions (GOVERN + IDENTIFY + PROTECT + DETECT + RESPOND + RECOVER) with 4-tier maturity model. Per category: trend vs last quarter, top finding, owner, board-action recommendation. The artifact every public-company audit committee asks for under the SEC Cyber Disclosure Rule.
What it is
The board-facing summary view across the entire portfolio. Where every other tool tracks a specific control, DigitalGovernance rolls them into the 14 categories the SEC and NIST CSF 2.0 expect.
What’s in it
- 14 NIST CSF 2.0 categories × 4-tier maturity (initial / repeatable / defined / optimizing)
- Per category: trend, top finding, owner, board action
- Cross-references: PR.AA → AccessReviewer + ScopeCreep + APITokenAudit; DE.CM → EgressGate + WAFRulePolicy + AlertNoiseAudit; RC.RP → ChaosScore + DRFailoverDrill; etc.
- Function rollups at top showing average tier per function
Why this shape
NIST CSF 2.0 (Feb 2024) added the GOVERN function. SEC Cyber Disclosure Rule (Jul 2023) requires public-company boards to demonstrate cyber-risk oversight. NACD Director’s Handbook on Cyber-Risk Oversight is the artifact every audit committee uses.
How it ships
Single HTML file, ~10KB. Zero dependencies. 14 categories × tier scoring + per-category board-action in 100 lines of vanilla JavaScript.