Fixed Intel
Back to Frameworks
NIS

NIST CSF

v2.0ACTIVE

NIST Cybersecurity Framework

The U.S. National Institute of Standards and Technology Cybersecurity Framework. Widely adopted globally as a baseline for cybersecurity risk management.

NIST
International
Official Website

15

Total Controls

6

Domains

11

Cross-Framework Mappings

International

Region

Detect

2
DE.CM-01HIGH1 mapping

Networks and network services are monitored

DE.CM-06MEDIUM

External service provider activities are monitored

Govern

3
GV.PO-01HIGH1 mapping

Cybersecurity risk management policy established

Mapped to Other Frameworks

NC
1-1NCA ECC

Cybersecurity Policy

EXACT
GV.RM-01HIGH1 mapping

Risk management objectives established

Mapped to Other Frameworks

NC
2-1NCA ECC

Risk Management

EXACT
GV.RR-01HIGH1 mapping

Organizational context for cybersecurity risk management

Identify

3
ID.AM-01HIGH

Inventories of hardware managed by the organization

ID.AM-02HIGH

Inventories of software managed by the organization

ID.RA-01HIGH1 mapping

Vulnerabilities in assets are identified

Protect

4
PR.AA-01HIGH1 mapping

Identities and credentials for authorized users managed

Mapped to Other Frameworks

NC
3-1NCA ECC

Access Control Policy

EXACT
PR.AA-03HIGH1 mapping

Users, services, and hardware are authenticated

Mapped to Other Frameworks

NC
3-3NCA ECC

Authentication

EXACT
PR.PS-01HIGH1 mapping

Configuration management practices established

Mapped to Other Frameworks

NC
4-1NCA ECC

Secure Configuration

EXACT
PR.PS-02HIGH

Software is maintained, replaced, and removed

Recover

1
RC.RP-01HIGH1 mapping

Recovery plan is executed

Respond

2
RS.MA-01HIGH1 mapping

Incident management plan is executed

RS.MI-01HIGH1 mapping

Incidents are contained

Mapped to Other Frameworks

NC
5-3NCA ECC

Incident Handling

EXACT