Welcome to Fit4CSA

Fit4CSA is a self-assessment tool to streamline the process of applying for a basic-level cybersecurity certification in the context of the CyberSecurity Act (CSA - EU 2019/881). Fit4CSA is part of the CORAL EU-funded project.

How does Fit4CSA work?

1. Select what you would like to assess: an ICT service, an ICT process, an ICT product - Web application or an ICT generic product.
2. Depending on your choice, you will need to fill in a questionnaire with both single choice and multiple choice questions. If you have supporting evidence for each of your answers (a policy, procedure, etc.), we recommend that you to keep track of this all throughout the questionnaire in order to establish a mapping of this evidence as you progress.
3. At the end of the survey, you will be given a score and a set of recommendations. Your Scybersecurity maturity can improve if you follow these recommendations.
4. If you scored at least 85%, Fit4CSA will additionally ask if you want a CSA conformity self-assessment, or to apply a basic-level certification. In the first case, you will be able to download the report with your answers and use it as a basis of your conformity self-assessment. In the second case, you will be asked to register and start an audit process based on the report issued within Fit4CSA. Keep in mind that all evidence supporting your answers might be requested later by the auditor of your choice.

The first 3 steps of this process are anonymous.

If at some point, you wish to continue the survey later, you click on the Continue later button and save the provided link separately. Using that link, you can pick up where you left off anytime.