Identify and prioritize opportunities for improvement within the context of a continuous and repeatable process.

Cybersecurity Strategy and Plan of Action

Building from those standards, guidelines, and practices, the Framework provides a common
taxonomy and mechanism for organizations to:

1) Describe their current cybersecurity posture 

2) Describe their target state for cybersecurity 

3) Identify and prioritize opportunities for improvement within the context of a continuous and repeatable process

4) Assess progress toward the target state

5) Communicate among internal and external stakeholders about cybersecurity risk.