Jump to content
Sign in to follow this  
Guest Alex Calis

What is a Framework Profile

Recommended Posts

Guest Alex Calis

A framework profile helps illustrate the cybersecurity program of an organization. A profile can be created by selecting the outcomes from the Framework Categories and Subcategories that are most important to the organization based on business drivers and risk. For those selected, information about organizational policy and practices can be captured, providing more details on how the organizations manages their cybersecurity program. This method allows an organization to clearly present their cybersecurity program through a Profile.

 

Organizations can create both Target and Current Profiles. The Current Profile captures the cybersecurity program as it exists today, while the Target Profile captures the organizational goals for the cybersecurity program. These two can be compared to determine steps for meeting the Target Profile goals. Additionally, the Profiles serve as a way to communicate cybersecurity both internally and externally. Internally they can be used to articulate the cybersecurity practices to executives and directors, while externally they can be used communicate cybersecurity to partner organizations. In this way, creating profiles aids in meeting and communicating cybersecurity goals.

Share this post


Link to post
Share on other sites
Sign in to follow this  

×