Date Published: March 23, 2026
Comments Due:
Email Comments to:
Author(s)
National Institute of Standards and Technology
Announcement
The Initial Public Draft of SP 1347, NIST Cybersecurity Framework 2.0: Informative References Quick‑Start Guide, explains what informative references are and how they support achieving the outcomes of the NIST Cybersecurity Framework (CSF) 2.0. The guide also introduces readers to NIST tools available for accessing, viewing, and using informative references for cybersecurity risk management, including direct download, the CSF 2.0 Reference Tool, and the Online Informative References Program. The draft contains two sample use cases and provides an overview of how artificial intelligence tools can support reference data use.
Informative References identify relationships between elements of different source documents and can be consumed in human- or machine-readable formats. For example, within the CSF 2.0, each informative reference indicates one or more parts of another document in which readers can find additional information on the topic (known as a crosswalk). This can be useful as organizations work toward achieving the outcomes of the CSF 2.0. SP 1347, CSF 2.0 Informative References Quick‑Start Guide, explains what informative references are and how they support achieving the outcomes of the CSF 2.0. The guide also introduces readers to NIST tools available for accessing, viewing, and using informative references for cybersecurity risk management, including direct download, the CSF 2.0 Reference Tool, and the Online Informative References Program. The draft contains two sample use cases and provides an overview of how artificial intelligence tools can support reference data use.
Informative References identify relationships between elements of different source documents and can be consumed in human- or machine-readable formats. For example, within the CSF 2.0, each informative reference indicates one or more parts of another document in which readers can find additional...
See full abstract
Informative References identify relationships between elements of different source documents and can be consumed in human- or machine-readable formats. For example, within the CSF 2.0, each informative reference indicates one or more parts of another document in which readers can find additional information on the topic (known as a crosswalk). This can be useful as organizations work toward achieving the outcomes of the CSF 2.0. SP 1347, CSF 2.0 Informative References Quick‑Start Guide, explains what informative references are and how they support achieving the outcomes of the CSF 2.0. The guide also introduces readers to NIST tools available for accessing, viewing, and using informative references for cybersecurity risk management, including direct download, the CSF 2.0 Reference Tool, and the Online Informative References Program. The draft contains two sample use cases and provides an overview of how artificial intelligence tools can support reference data use.
Hide full abstract
Keywords
NIST Cybersecurity Framework (CSF) 2.0; informative references; mappings; reference data; datasets
Control Families
None selected
