Incident Response Readiness Calculator

Calculator Inputs

Use scores from 0 to 100 for each readiness domain. Adjust weights to reflect business priorities and threat exposure.

Governance Score

Playbooks Score

Detection Score

Containment Score

Communication Score

Training Score

Exercises Score

Forensics Score

Third-Party Score

Recovery Score

Compliance Score

Metrics Score

Incidents per Quarter

MTTD Hours

MTTR Hours

Monitoring Coverage %

Critical Assets Count

Responder Staff Count

Domain Weights

Weight: Governance

Weight: Playbooks

Weight: Detection

Weight: Containment

Weight: Communication

Weight: Training

Weight: Exercises

Weight: Forensics

Weight: Third-Party

Weight: Recovery

Weight: Compliance

Weight: Metrics

Readiness Chart

The chart compares domain-level scores and highlights response capability distribution.

Example Data Table

Area	Example Score	Example Weight	Interpretation
Governance	82	10	Roles, authority, and escalation are well defined.
Detection	76	12	Monitoring is broad, but tuning can still improve.
Exercises	54	8	Simulations occur infrequently and lessons close slowly.
Recovery	74	8	Restoration plans exist and are partly tested.
Metrics	59	6	Core response KPIs exist, but dashboard maturity is limited.

Formula Used

Weighted readiness score = Σ(domain score × domain weight) ÷ Σ(weights).

Operational adjustment = coverage bonus + staffing factor − detection penalty − recovery penalty − incident penalty.

Coverage bonus = monitoring coverage % × 0.10.

Staffing factor = min(10, responder staff ÷ critical assets × 40).

Detection penalty = min(25, MTTD hours × 0.8).

Recovery penalty = min(25, MTTR hours × 0.5).

Incident penalty = min(15, incidents per quarter × 1.2).

Final readiness score = weighted readiness score + operational adjustment, limited to a 0–100 range.

How to Use This Calculator

Enter a score from 0 to 100 for each readiness domain.
Set domain weights based on your environment and risk priorities.
Provide operational values such as incidents, MTTD, MTTR, and coverage.
Click Calculate Readiness to show the result above the form.
Review the maturity level, risk band, weakest domains, and recommendations.
Use the chart and CSV or PDF exports for reporting or audit reviews.

Frequently Asked Questions

1. What does this calculator measure?

It estimates how prepared an organization is to detect, contain, investigate, communicate, and recover from cybersecurity incidents using weighted control and operational inputs.

2. Why are weights included?

Weights let you emphasize what matters most in your environment. A regulated business may weight governance and compliance higher, while a cloud-heavy team may weight detection and recovery more.

3. What is a good readiness score?

Scores above 85 suggest strong maturity. Scores from 70 to 84 show managed readiness. Scores below 55 indicate significant gaps needing near-term remediation.

4. How should I score each domain?

Use evidence such as policy reviews, control testing, tabletop results, service-level performance, audit findings, and responder feedback. Higher scores should reflect repeatable, tested practices.

5. Why do MTTD and MTTR reduce the score?

Longer detection and response times often indicate weaker operational performance. The calculator subtracts penalties so slow real-world execution lowers the final readiness result.

6. Can this calculator support audits or board reporting?

Yes. It can help structure discussions, summarize priorities, and support trend reporting. It should complement, not replace, detailed security assessments and formal control testing.

7. How often should readiness be reviewed?

Quarterly reviews are common. Review sooner after major incidents, tooling changes, mergers, new regulations, or significant shifts in infrastructure and threat exposure.

8. Can I customize the scoring model further?

Yes. You can change weights, thresholds, benchmarks, or penalty factors to align the model with internal policy, sector guidance, and business-critical systems.