CSF Identifiers: Difference between revisions
Jump to navigation
Jump to search
(Created page with "{|class="wikitable" style="width: 85%;" ! style="width: 15%"| Function Unique Identifier ! style="width: 15%"| Function ! style="width: 20%"| Category Unique Identifier ! style="width: 50%"| Category |- |colspan="4"|Assets that are in the CMMC Assessment Scope |- |'''Controlled Unclassified Information (CUI) Assets''' | * Assets that process, store, or transmit CUI |rowspan="2"| * Document in the asset inventory * Document in the System Security Plan (SSP) * Document in...") |
m (Wikiadmin moved page Function and Category Identifiers to CSF Identifiers without leaving a redirect) |
||
(9 intermediate revisions by the same user not shown) | |||
Line 1: | Line 1: | ||
'''Source of Reference: official [https://www.nist.gov/cyberframework/online-learning/components-framework Cybersecurity Framework Components] from National Institute of Standards and Technology (NIST).''' | |||
For inquiries and reporting errors on this wiki, please [mailto:support@cmmctoolkit.org contact us]. Thank you. | |||
{|class="wikitable" style="width: 85%;" | {|class="wikitable" style="width: 85%;" | ||
! style="width: 15%"| Function Unique Identifier | ! style="width: 15%"| Function Unique Identifier | ||
Line 5: | Line 9: | ||
! style="width: 50%"| Category | ! style="width: 50%"| Category | ||
|- | |- | ||
| | |rowspan="6" style="text-align:center;"|'''ID''' | ||
|rowspan="6" style="text-align:center;"|Identify | |||
|style="text-align:center;"|ID.AM | |||
|Asset Management | |||
|- | |- | ||
| | |style="text-align:center;"|ID.BE | ||
|Business Environment | |||
| | |||
|- | |- | ||
| | |style="text-align:center;"|ID.GV | ||
| | |Governance | ||
|- | |- | ||
| | |style="text-align:center;"|ID.RA | ||
|Risk Assessment | |||
|- | |- | ||
| | |style="text-align:center;"|ID.RM | ||
|Risk Management Strategy | |||
| | |||
|- | |- | ||
| | |style="text-align:center;"|ID.SC | ||
|Business Environment | |||
|- | |- | ||
|''' | |rowspan="6" style="text-align:center;"|'''PR''' | ||
| | |rowspan="6" style="text-align:center;"|Protect | ||
|style="text-align:center;"|PR.AC | |||
| | |Identity Management and Access Control | ||
|- | |||
| | |style="text-align:center;"|PR.AT | ||
|Awareness and Training | |||
|- | |||
|style="text-align:center;"|PR.DS | |||
|Data Security | |||
|- | |||
|style="text-align:center;"|PR.IP | |||
|Information Protection Processes and Procedures | |||
|- | |||
|style="text-align:center;"|PR.MA | |||
|Maintenance | |||
|- | |||
|style="text-align:center;"|PR.PT | |||
|Protective Technology | |||
|- | |||
|rowspan="3" style="text-align:center;"|'''DE''' | |||
|rowspan="3" style="text-align:center;"|Detect | |||
|style="text-align:center;"|DE.AE | |||
|Anomalies and Events | |||
|- | |||
|style="text-align:center;"|DE.CM | |||
|Security Continuous Monitoring | |||
|- | |||
|style="text-align:center;"|DE.DP | |||
|Detection Process | |||
|- | |||
|rowspan="5" style="text-align:center;"|'''RS''' | |||
|rowspan="5" style="text-align:center;"|Respond | |||
|style="text-align:center;"|RS.RP | |||
|Response Planning | |||
|- | |||
|style="text-align:center;"|RS.CO | |||
|Communications | |||
|- | |||
|style="text-align:center;"|RS.AN | |||
|Analysis | |||
|- | |||
|style="text-align:center;"|RS.MI | |||
|Mitigation | |||
|- | |||
|style="text-align:center;"|RS.IM | |||
|Improvements | |||
|- | |||
|rowspan="3" style="text-align:center;"|'''RC''' | |||
|rowspan="3" style="text-align:center;"|Recovery | |||
|style="text-align:center;"|RC.RP | |||
|Recovery Planning | |||
|- | |||
|style="text-align:center;"|RC.IM | |||
|Improvements | |||
|- | |||
|style="text-align:center;"|RC.CO | |||
|Communications | |||
|} | |} |
Latest revision as of 21:08, 9 April 2023
Source of Reference: official Cybersecurity Framework Components from National Institute of Standards and Technology (NIST).
For inquiries and reporting errors on this wiki, please contact us. Thank you.
Function Unique Identifier | Function | Category Unique Identifier | Category |
---|---|---|---|
ID | Identify | ID.AM | Asset Management |
ID.BE | Business Environment | ||
ID.GV | Governance | ||
ID.RA | Risk Assessment | ||
ID.RM | Risk Management Strategy | ||
ID.SC | Business Environment | ||
PR | Protect | PR.AC | Identity Management and Access Control |
PR.AT | Awareness and Training | ||
PR.DS | Data Security | ||
PR.IP | Information Protection Processes and Procedures | ||
PR.MA | Maintenance | ||
PR.PT | Protective Technology | ||
DE | Detect | DE.AE | Anomalies and Events |
DE.CM | Security Continuous Monitoring | ||
DE.DP | Detection Process | ||
RS | Respond | RS.RP | Response Planning |
RS.CO | Communications | ||
RS.AN | Analysis | ||
RS.MI | Mitigation | ||
RS.IM | Improvements | ||
RC | Recovery | RC.RP | Recovery Planning |
RC.IM | Improvements | ||
RC.CO | Communications |