Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

    Glossary
A  |  B  |  C  |  D  |  E  |  F  |  G  |  H  |  I  |  J  |  K  |  L  |  M  |  N  |  O  |  P  |  Q  |  R  |  S  |  T  |  U  |  V  |  W  |  X  |  Y  |  Z

profile

Definitions:

  Analytic model of communications associated with an organization or activity. The model is prepared from a systematic examination of communications content and patterns, the functions they reflect, and the communications security measures applied.
Sources:
CNSSI 4009-2015

  A document that provides an implementation-independent specification of CKMS security requirements for use by a community of interest (e.g., U.S. Government, banking, health, or aerospace).
Sources:
NIST SP 800-152 under Profile (for a CKMS)

  The specifications for Federal CKMSs in SP 800-152, including the requirements for their design, implementation, procurement, installation, configuration, management, operation, and use by Federal organizations and their contractors
Sources:
NIST SP 800-152 under Profile (for an FCKMS)

  A profile is a baseline set of minimal cybersecurity requirements for mitigating described threats and vulnerabilities, as well as supporting compliance requirements for a defined scope and type of a particular use case (e.g., industry, information system(s)), using a combination of existing cybersecurity guidance, standards and/or specifications baseline documents or catalogs. A profile organizes selected guidance, standard(s) and/or specification(s) and may narrow, expand and/or otherwise tailor items from the starting material to address the requirements of the profile’s target application.
Sources:
NIST SP 800-213 under Profile

  the desired outcome or ‘to be’ state of cybersecurity implementation
Sources:
NISTIR 8183 under Profile - Target Profile

  the ‘as is’ state of system cybersecurity
Sources:
NISTIR 8183 under Profile - Current Profile

  A representation of the outcomes that a particular system or organization has selected from the Framework Categories and Subcategories.
Sources:
NISTIR 8183 under Profile from NIST Cybersecurity Framework Version 1.0
NISTIR 8183 Rev. 1 under Profile from NIST Cybersecurity Framework Version 1.1
NISTIR 8183A Vol. 1 under Profile from NIST Cybersecurity Framework Version 1.1
NISTIR 8183A Vol. 2 under Profile from NIST Cybersecurity Framework Version 1.1
NISTIR 8183A Vol. 3 under Profile from NIST Cybersecurity Framework Version 1.1

  Profiles define conforming subsets or combinations of base standards used to provide specific functions. Profiles identify the use of particular options available in the base standards, and provide a basis for the development of uniform, internationally recognized, conformance tests.
Sources:
NISTIR 8074 Vol. 2 under Profiles from ISO/IEC TR 10000-1:1998

  A named tailoring of a benchmark.
Sources:
NISTIR 7275 Rev. 4 under Profile

  A representation of the outcomes that a particular system or organization has selected from the Framework Categories and Subcategories. [CSF] - Target Profile - the desired outcome or "to be" state of cybersecurity implementaton, - Current profile - the "as is" state of system security.
Sources:
NISTIR 8183 under Profile

  A selection of specific Functions, Categories, and Subcategories from the Core that an organization has prioritized to help it manage privacy risk.
Sources:
NIST Privacy Framework Version 1.0 under Profile

  A representation of the outcomes that a particular system or organization has selected from the CSF Categories and Subcategories.
Sources:
NIST IR 8406 [Update 1] under Profile

  A representation of the outcomes that a particular system or organization has selected from the Framework Categories and Subcategories.
Sources:
NIST IR 8270