is a structured evaluation of an organization’s cybersecurity practices, policies, and capabilities. It measures the effectiveness and maturity of existing security controls, processes, and strategies against industry best practices and frameworks. The assessment helps identify gaps, prioritize improvements, and align security measures with business objectives and risk tolerance.