According to the NIST Cyber security Framework, which of the following steps involves Identifying related systems and assets, regulatory requirements, and the overall risk approach?
Step 1: Prioritize and Scope: Identify business/mission objectives and prioritize organizational efforts.
Step 2: Orient: Identify related systems, assets, regulatory requirements, and overall risk approach.
Step 3: Create a Current Profile: Develop a current profile by identifying existing cybersecurity practices.
Orient Step:
Purpose: To establish a comprehensive understanding of the organization's environment, including systems, assets, regulatory requirements, and the risk management approach.
Activities: Involves mapping out the organizational context and identifying key elements that influence cybersecurity posture.
NIST Cybersecurity Framework: Provides a policy framework of computer security guidance for how private sector organizations in the U.S. can assess and improve their ability to prevent, detect, and respond to cyber attacks.
NIST SP 800-53: Further details on risk management and security controls relevant to the orient step.
Cybersecurity References:The Orient step is crucial for setting the foundation for an effective cybersecurity strategy by understanding the full scope of the organization's environment and requirements.
Contribute your Thoughts:
Chosen Answer:
This is a voting comment (?). You can switch to a simple comment. It is better to Upvote an existing comment if you don't have anything to add.
Submit