Skip to main content
U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

NIST Cybersecurity Framework 2.0: Enterprise Risk Management Quick-Start Guide

Published

Author(s)

Stephen Quinn, Victoria Pillitteri, Matthew Barrett, Matthew Smith, Gregory Witte

Abstract

This guide provides an introduction to using the NIST Cybersecurity Framework (CSF) 2.0 for planning and integrating an enterprise-wide process for integrating cybersecurity risk management information, as a subset of information and communications technology risk management, into enterprise risk management. The use of CSF common language and outcomes supports the integration of risk monitoring, evaluation, and adjustment across various organizational units and programs.
Citation
Special Publication (NIST SP) - 1303
Report Number
1303

Keywords

Enterprise risk management, NIST Cybersecurity Framework (CSF) 2.0

Citation

Quinn, S. , Pillitteri, V. , Barrett, M. , Smith, M. and Witte, G. (2024), NIST Cybersecurity Framework 2.0: Enterprise Risk Management Quick-Start Guide, Special Publication (NIST SP), National Institute of Standards and Technology, Gaithersburg, MD, [online], https://doi.org/10.6028/NIST.SP.1303 , https://tsapps.nist.gov/publication/get_pdf.cfm?pub_id=958603 (Accessed December 3, 2024)

Issues

If you have any questions about this publication or are having problems accessing it, please contact reflib@nist.gov.

Created October 21, 2024, Updated October 25, 2024