
CSF Profile

Definition

A customised selection of categories and subcategories that reflects an organisation's business environment, risk tolerance, and resources. A Current Profile describes what is in place; a Target Profile describes what the organisation aims to achieve. The gap between the two guides prioritisation.

Related terms

Category
A subdivision of a core function that groups related cybersecurity outcomes. For example, the Identify function contains categories such as Asset Management...
Core Function
The highest level of the CSF hierarchy. CSF 2.0 defines six: Govern, Identify, Protect, Detect, Respond, and Recover. Each function represents a...
Govern (Function)
The sixth and newest CSF core function, introduced in CSF 2.0. It covers the organisational context, risk management strategy, roles and responsibilities,...
Implementation Tier
A descriptor of how mature an organisation's cybersecurity risk management practices are, on a scale from Tier 1 (Partial, reactive) to Tier...
Subcategory
The most granular level of the CSF core, each describing a specific outcome or practice (for example, 'Physical assets are inventoried'). CSF...

Explained in

  • The NIST Cybersecurity Framework
