This course introduces the NIST Cybersecurity Framework (NIST-CSF).
The Framework is a risk-based approach to managing cybersecurity and is composed of three parts: Framework Core, Framework Implementation Tiers, and Framework Profiles. Each Framework component reinforces the connection between business drivers and cybersecurity activities.
This course discusses how an organization can use the Framework as a key part of its systematic process for identifying, assessing, and managing cybersecurity risk.
The Framework is not intended to replace existing processes; an organization can use its current process and overlay it onto the Framework to determine gaps in its current approach and to develop a roadmap for improvement.
Using the Framework as a cybersecurity risk management tool, an organization can determine activities that are most important to critical service delivery and prioritize expenditures to maximize the impact of the investment.
This course is supplemented by a student book to enhance the learning experience.
The desired or expected outcome is a fundamental understanding of the NIST-CSF and preparation to sit the NCSP Foundation exam.