Govern (Function)
Definition
The sixth and newest CSF core function, introduced in CSF 2.0. It covers the organisational context, risk management strategy, roles and responsibilities, policies, and oversight processes that shape how the other five functions operate. Govern is intended to anchor cybersecurity in business strategy rather than treat it as a purely technical concern.
Related terms
- Category
  - A subdivision of a core function that groups related cybersecurity outcomes. For example, the Identify function contains categories such as Asset Management...
- Core Function
  - The highest level of the CSF hierarchy. CSF 2.0 defines six: Govern, Identify, Protect, Detect, Respond, and Recover. Each function represents a...
- CSF Profile
  - A customised selection of categories and subcategories that reflects an organisation's business environment, risk tolerance, and resources. A Current Profile describes what...
- Implementation Tier
  - A descriptor of how mature an organisation's cybersecurity risk management practices are, on a scale from Tier 1 (Partial, reactive) to Tier...
- Subcategory
  - The most granular level of the CSF core, each describing a specific outcome or practice (for example, 'Physical assets are inventoried'). CSF...
Explained in
- The NIST Cybersecurity Framework