Skip to main content
U.S. flag

An official website of the United States government

Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.


Secure .gov websites use HTTPS
A lock ( ) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Baldrige Cybersecurity Initiative

Photo of Cyber thumb print with loading sign and Baldrige Framework in background.


Director Message  | How It Works | Training | Blogs | FAQs | NIST Cybersecurity Framework

Baldrige Cybersecurity Excellence Builder (BCEB), Version 1.1

The Baldrige Cybersecurity Excellence Builder, Version 1.1 is a self-assessment tool to help organizations better understand the effectiveness of their cybersecurity risk management efforts and identity improvement opportunities in the context of their overall organizational performance. This self-assessment tool blends organizational assessment approaches from the Baldrige Performance Excellence Program with the concepts and principles of the Cybersecurity Framework developed by NIST’s Applied Cybersecurity Division.


  • Determine cybersecurity-related activities that are important to your business strategy and critical service delivery;
  • Prioritize your investments in managing cybersecurity risk
  • Determine how best to enable your workforce, customers, suppliers, partners, and collaborators to be risk conscious and security aware, and to fulfill their cybersecurity roles and responsibilities
  • Assess the effectiveness and efficiency of your use of cybersecurity standards, guidelines, and practices
  • Assess the cybersecurity results you achieve
  • Identify strengths to leverage and priorities for improvement

Who Should Use the BCEB?

The Baldrige Cybersecurity Excellence Builder is intended for use by leaders and managers—senior leaders, chief security officers, and chief information officers, among others—who are concerned with and responsible for mission-driven, ­cybersecurity-related policy and operations. 

How Baldrige Works with NIST Cybersecurity

The Cybersecurity Framework assembles and organizes standards, guidelines, and practices that are working effectively in many organizations. It also includes informative references that are common across critical infrastructure sectors. 

Chart showing relationship between the Framework for Improving Critical Infrastructure Cybersecurity and the Baldrige Excellence Framework for the Baldrige Cybersecurity Excellence Builder.


The BCEB builds on the Cybersecurity Framework to help you answer these key questions:

  • How effective and efficient are your organization’s cybersecurity approaches?
  • How good are the cybersecurity-related results you are achieving?

The questions in the BCEB lead you to manage all areas affected by cybersecurity in alignment with your organization’s characteristics and environment:

Understand how leaders’ actions guide and sustain cybersecurity risk management.

Set clear strategic priorities and objectives related to cybersecurity.

Understand customers’ requirements and expectations for cybersecurity.

Measure and analyze cybersecurity outcomes that matter; build and manage your organization’s cybersecurity knowledge.

Hire and retain the cybersecurity workforce you need; engage and empower your overall workforce to achieve your objectives.

Design and manage effective and efficient cybersecurity operations.

Track important results. Use them to inform decisions and to improve your cybersecurity policies and operations.

Are External Assessments Available?

In Phase 1 of the initiative, the Baldrige Program teamed up with NIST’s Applied Cybersecurity Division responsible for the NIST Cybersecurity Framework, to develop a self-assessment tool, using a phased approach and input from numerous industry sources. 

Pending funding, Phase 2 would involve voluntary assessments by independent experts, sharing of best practices, and voluntary recognition for exceptional performance. 

Related Links

Baldrige Cybersecurity Excellence Builder
BCEB Process and Results Questions Excel
BCEB Self-Analysis Worksheet Excel
NIST Cybersecurity Framework


Baldrige Cybersecurity Initiative
NIST Cybersecurity Framework Industry Impacts
How Baldrige Works
Baldrige Key Terms
Baldrige Products and Services



  • Baldrige Customer Service
    (301) 975-2036
    100 Bureau Drive, M/S 1020
    Gaithersburg, MD 20899-1020
Created June 13, 2016, Updated November 15, 2019