Identify and prioritize opportunities for improvement within the context of a continuous and repeatable process.
Cybersecurity Strategy and Plan of Action
Building from those standards, guidelines, and practices, the Framework provides a common
taxonomy and mechanism for organizations to:
1) Describe their current cybersecurity posture
2) Describe their target state for cybersecurity
3) Identify and prioritize opportunities for improvement within the context of a continuous and repeatable process
4) Assess progress toward the target state
5) Communicate among internal and external stakeholders about cybersecurity risk.