3-3 NIST_CSF_Appendix-A

Cybersecurity Framework

A structured document providing guidelines to manage and mitigate cybersecurity risks across critical infrastructure sectors.

Framework Core

The foundational set of Functions, Categories, Subcategories, and Informative References within the Cybersecurity Framework.

Functions

High-level functions that organize cybersecurity activities into five areas: Identify, Protect, Detect, Respond, and Recover.

Categories

Subsets of Functions that provide specific cybersecurity outcomes and guidance.

Subcategories

Specific outcomes listed under each Category that describe particular cybersecurity activities.

Informative References

Resources and guidelines that provide further information on how to achieve the outcomes of Subcategories.

Risk Management

The process of identifying, assessing, and controlling threats to an organization's assets.

Asset Management

The processes to ensure that the organization’s assets are identified and managed according to their value.

Data Security

Practices aimed at protecting data from unauthorized access and corruption throughout its lifecycle.

Supply Chain Risk Management

The process of identifying, assessing, and mitigating risks associated with suppliers and third-party partners.

Incident Response

A set of procedures and actions taken in response to a detected cybersecurity incident.

Resilience Requirements

Specifications of necessary capabilities to ensure delivery of critical services during adverse situations.

Awareness and Training

Programs designed to educate personnel on their cybersecurity responsibilities and enhance their awareness of cybersecurity risks.

Continuous Monitoring

The ongoing observation and assessment of security controls and systems to detect and respond to threats.

Governance

The framework of policies and processes governing how an organization manages its cybersecurity risk and compliance.

Cyber Supply Chain Risk

The risks associated with dependencies on external suppliers and service providers in maintaining cybersecurity.

Incident Alert Thresholds

Predefined thresholds for determining when to trigger an incident response based on detected anomalies.

Mitigation

Actions taken to reduce the severity or likelihood of a cybersecurity incident.

Recovery Plan

Documentation outlining procedures for restoring systems and operations after a cybersecurity incident.

Vulnerability Management Plan

A strategy to identify, classify, remediate, and mitigate vulnerabilities in systems and software.

Least Privilege

A security principle that restricts user access rights to the bare minimum necessary to perform their jobs.

Assessment

The ongoing evaluation of risks, vulnerabilities, and performance of security measures in an organization.