This is a potential security issue, you are being redirected to https://csrc.nist.gov.
An official website of the United States government
Here’s how you know
Official websites use .gov
A
.gov website belongs to an official government
organization in the United States.
Secure .gov websites use HTTPS
A
lock (
) or https:// means you’ve safely connected to
the .gov website. Share sensitive information only on official,
secure websites.
NIST Cybersecurity Framework
Status:
Final
Informative Reference Version:
1.0.0
Focal Document Version:
Cybersecurity Framework v2.0
Summary: This document maps the Cyber Risk Institute (CRI) Profile ver. 2.0 to the NIST Cybersecurity Framework (CSF) ver. 2.0 using the NIST Online Informative References (OLIR) format.
Target Audience: This document is intended for information security professionals, primarily in the financial services sector, who are interested in understanding how the CRI Profile control objectives map to the NIST Cybersecurity Framework.
Comprehensive:
No
Comments: The CRI Profile is an extension of the NIST CSF developed by and for the financial services sector. The CRI Profile extends the NIST CSF's scope by targeting more specific coverage of enterprise technology/ICT, third-party risk management, and business continuity/resilience. The CRI Profile also extends the NIST CSF by including Diagnostic Statements that provide control objective detail below the subcategory level.
Point of Contact:
Josh Magri, Emily Beam, John Goodman
Category of Submitter:
Private Sector
Citations: N/A
F3C1686D45406C183C9C26EC87AF120FBDFF8CB0036C4188D13ACF143A51A86F
Owner
Reference Document Author:
Cyber Risk Institute
Reference Document:
CRI Profile Version 2.0
Reference Document Date:
02/14/2024
Reference Document URL:
https://CyberRiskInstitute.org/The-Profile/
Reference Developer:
Cyber Risk Institute (CRI)
Posted Date:
2024-03-28
National Online Informative References Program
olir@nist.gov
Cybersecurity Framework
Secure Software Development Framework