U.S. flag   An unofficial archive of your favorite United States government website
Dot gov

Official websites do not use .rip
We are an unofficial archive, replace .rip by .gov in the URL to access the official website. Access our document index here.

Https

We are building a provable archive!
A lock (Dot gov) or https:// don't prove our archive is authentic, only that you securely accessed it. Note that we are working to fix that :)

    Publications

Other Discussion Draft (Initial Public Draft)

Discussion Draft of the NIST Cybersecurity Framework 2.0 Core with Implementation Examples

Date Published: August 8, 2023
Comments Due: November 4, 2023
Email Comments to: cyberframework@nist.gov

Supersedes: Other Discussion Draft of the NIST Cybersecurity Framework 2.0 Core (04/24/2023)

Author(s)

National Institute of Standards and Technology

Announcement

This is the discussion draft of Implementation Examples (Examples) for the NIST Cybersecurity Framework (CSF or Framework) 2.0. It complements and is based on the Core from the NIST CSF 2.0 Public Draft, also open for comment. NIST seeks input on: 

  • concrete improvements to the Examples;
  • whether the Examples are written at an appropriate level of specificity and helpful for a diverse range of organizations;
  • what other types of Examples would be most beneficial to Framework users;
  • what existing sources of implementation guidance might be readily adopted as sources of Examples (such as the NICE Framework Tasks);
  • how often Examples should be updated; and 
  • whether and how to accept Examples developed by the community.

Feedback on this draft may be submitted to cyberframework@nist.gov by Friday, November 4, 2023. 

All relevant comments, including attachments and other supporting material, will be made publicly available on the NIST CSF 2.0 website. Personal, sensitive, confidential, or promotional business information should not be included. Comments with inappropriate language will not be considered.

CSF 2.0 Examples will be published and maintained only online on the NIST Cybersecurity Framework website, leveraging the NIST Cybersecurity and Privacy Reference Tool (CPRT). This will allow Examples and Informative References to be updated more frequently than the rest of the Core. In the coming weeks, NIST will release an initial version of this online tool for users to download and search the draft Core. Resource owners and authors who are interested in mapping their resources to the final CSF 2.0 to create Informative References should reach out to NIST.

Cherilyn Pascoe   
NIST Cybersecurity Framework Program Lead   
cyberframework@nist.gov

Control Families

None selected

Topics

Security and Privacy

risk management

Applications

cybersecurity framework