
BastionCore · IR Readiness Tool
Incident Response Readiness Scorecard
Score your organization across 8 critical dimensions of incident response readiness. Uncoordinated response, regulatory penalties, and extended recovery times are the cost of an untested IR program. Know where you stand before it matters.
BastionCore IR Readiness Score
8 Dimensions · Max 40
IR Plan: 2
Roles & Responsibilities: 2
Incident Playbooks: 2
Communication Protocols: 2
Tabletop Exercises: 2
Regulatory Readiness: 3
BC/DR Integration: 3
Detection & Forensics: 4
Total Score: 20 / 40 (Developing Tier)

Microsoft Gold Partner
HIPAA Compliant Deployments
SOX / FFIEC Aligned
SOC 2 Practices
100+ Clients Managed
How to Use This Scorecard
This scorecard evaluates your organization across 8 critical dimensions of incident response readiness. For each dimension, you will rate your organization on a scale of 1 to 5 based on the criteria described. The total score provides a maturity rating and recommended next steps.
SOC Maturity Levels
1 · Non-Existent · No capability or documentation exists in this area
2 · Ad Hoc · Some informal capability exists but is inconsistent and undocumented
3 · Developing · Documented processes exist but are not consistently followed or tested
4 · Established · Processes are documented, followed, and periodically tested
5 · Optimized · Processes are tested regularly, measured, and continuously improved
Instructions: For each dimension on the following pages, read the criteria carefully and circle or write the score (1-5) that best describes your organization today. Be honest with yourself. This assessment is most valuable when it reflects reality, not aspiration.
Score your organization across all 8 dimensions
For each dimension, read the criteria carefully and write the score that best describes your organization today. Use the priority action boxes as your remediation guide for any dimension scoring 1 or 2.


RESULT
Add Your Scores From All 8 Dimensions
Your total score maps to one of four IR readiness maturity tiers. Each tier comes with a specific interpretation and recommended action path.
8–15 · Critical · Significant gaps — immediate risk
Your organization has significant IR gaps that present immediate risk. A security incident would likely result in uncoordinated response, regulatory penalties, and extended recovery times. Recommend engaging professional IR planning support immediately.
16–24 · Developing · Good on paper, never validated
Some foundations are in place, but gaps in testing, coordination, or integration create meaningful risk. Most organizations at this level have plans that look good on paper but have never been validated. Recommend tabletop exercises and gap remediation.
25–32 · Established · Solid capability, room for optimization
Your organization has solid IR capability with room for optimization. Focus on increasing exercise frequency, broadening cross-functional participation, and tightening BC/DR integration to reach full maturity.
33–40 · Optimized · Mature, well-tested IR program
Your IR program is mature and well-tested. Focus on continuous improvement, emerging threat scenarios (AI manipulation, cloud-native attacks), and maintaining exercise cadence to sustain this level.
Priority Actions by Domain
For dimensions scoring 3, schedule improvements within 90 days. These are the priority actions for the most common IR gaps.
IR Plan (Score 1-2)
Engage professional IR planning support to develop a NIST-aligned incident response plan within 60 days
Roles (Score 1-2)
Define an IR team with a RACI matrix covering IT, legal, HR, communications, and executive leadership
Playbooks (Score 1-2)
Develop ransomware and BEC playbooks as immediate priorities since these are the most common scenarios
Communication (Score 1-2)
Create pre-drafted notification templates and establish out-of-band communication channels
Exercises (Score 1-3)
Schedule at least one tabletop exercise within 90 days with cross-functional participation
Regulatory (Score 1-2)
Map all applicable breach notification requirements by jurisdiction and pre-engage legal counsel
BC/DR Integration (Score 1-2)
Conduct a business impact analysis and integrate findings into containment decision procedures
Detection (Score 1-2)
Implement centralized log management and establish baseline detection rules for critical assets


Ready To Close The Gaps?
Your scorecard reveals where you stand. BastionCore builds the capability to close the gaps.


© 2026 X-Centric IT Solutions. All Rights Reserved
