CORA

CORA (Cybersecurity Operational Readiness Assessment) is the DoD's inspection process for evaluating the cybersecurity posture of military commands and their information systems. CORA replaced the older CCRI (Command Cyber Readiness Inspection) process and assesses whether an organization's networks, systems, and personnel meet DoD cybersecurity standards.

During a CORA, inspectors evaluate vulnerability management, STIG compliance, account management, physical security, training compliance, and overall cybersecurity program maturity. The assessment covers both technical controls and organizational processes.