ID: Identify

Previous Version:


The organization's current cybersecurity risks are understood

Framework Categories

ID.AM: Asset Management

Assets (e.g., data, hardware, software, systems, facilities, services, people) that enable the organization to achieve business purposes are identified and managed consistent with their relative importance to organizational objectives and the organization's risk strategy

ID.RA: Risk Assessment

The cybersecurity risk to the organization, assets, and individuals is understood by the organization

ID.IM: Improvement

Improvements to organizational cybersecurity risk management processes, procedures and activities are identified across all CSF Functions