Cybersecurity Surveys

Overview

This page hosts several surveys relevant to cybersecurity in California. In general, participation is voluntary. However, select surveys may be requirements for grant program subrecipients.

State and Local Cybersecurity Grant Program (SLCGP) Required Surveys

Applicants will be required to complete various surveys – please see the RFP when it is published for details. Please complete only ONE survey/questionnaire for each organization/agency applying for a grant. Duplicates may be ignored. Please coordinate within your organization to ensure the appropriate cybersecurity leaders and subject matter experts weigh in on these surveys, but they can be submitted by your primary grant applicant point of contact.

  • REQUIRED: State and Local Government Cybersecurity Maturity Questionnaire
    • Survey link: https://calcsic-prod.agilsoft.cloud/worker-portal/public/survey/41f8fb60-0d3d-4035-817f-61c6f63032c3
    • Opens: July 31, 2024
    • Closes: September 27, 2024
    • The agilsoft.cloud link provided above is to an approved vendor platform provided under contract to Cal OES– AgilSoft is a Cal-CSIC technology partner. Please save a copy of your response if you can and include with your grant application documents. If you would prefer to complete this more directly, you can download the questions as a fillable pdf form which will be provided at the survey link once it goes live. In both cases, send the completed form to InternalProjects@caloes.ca.gov with your grant application documents.
    • Download the list of questions (this is a sample, do not submit this form)
  • REQUIRED: See NCSR below. The NCSR is a post-award requirement for SLCGP sub-recipients.

For more information on the SLCGP, see the Cal OES Grants Management SLCGP page

NCSR

The Nationwide Cybersecurity Review (NCSR) is generally voluntary but is also a requirement of certain federal grant programs. The NCSR is a free, anonymous, annual self-assessment designed to measure gaps and capabilities of a SLT’s cybersecurity programs. It is based on the National Institute of Standards and Technology Cybersecurity Framework and is sponsored by DHS and the MS-ISAC.

SLCGP entities and their subrecipients should complete the NCSR, administered by the MS-ISAC, during the first year of the award/subaward period of performance and annually.

For more information, visit Nationwide Cybersecurity Review (NCSR) (cisecurity.org).