Track risk remediation from assessment to completion. Create treatment items, assign ownership, monitor progress with step-by-step checklists, and export results for your auditor. No signup, no install, no data leaves your browser.
Works standalone or as a companion to the NIST CSF 2.0 Assessment Tool — import your assessment results to auto-generate a treatment plan from identified gaps.
What's Included
Break each treatment into actionable steps. Check them off as you go — progress calculates automatically with timestamps.
Items sort by risk level by default — Critical first, Low last. Filter by risk level or sort by status, deadline, or progress.
Link treatment items to specific framework controls. Track current and target maturity tiers for each item.
Import a saved NIST CSF 2.0 assessment. The tool identifies Tier 1 and 2 gaps and auto-generates treatment items with checklists.
Save your plan as JSON to continue later. Export to CSV for reporting, auditor handoff, or import into Excel.
Runs entirely in your browser. No server connection required — your treatment plan data stays on your device.
Getting Started
Click "Launch Tool" above. Everything runs in your browser — no data is sent anywhere.
Create items manually, or import a NIST CSF 2.0 assessment to auto-generate items from your gaps.
Set risk level, impact, effort estimate, owner, and target deadline for each item.
Add step-by-step remediation tasks to each item. Check them off as work is completed.
Monitor overall completion on the dashboard. Filter by risk level or sort by deadline to focus on what matters.
Save as JSON to continue later. Export to CSV for your auditor or stakeholders.
Workflow
The Risk Treatment Plan Tool works standalone, but it's most powerful when paired with the free NIST CSF 2.0 Assessment Tool. Run your assessment, save the results, then import them here — your treatment plan builds itself from the gaps.
Start with a CSF Assessment →Free Assessment Tools