From the course: NIST Cybersecurity Framework (CSF) 2.0 Primer: From Fundamentals to Implementation by Pearson
CSF tiers
So the final corner of the CSF triad is implementation tiers, or just tiers, usually is what you call them. So tiers describe the level of rigor of your cybersecurity risk management. So it's kind of like a separate frame or a different perspective you can use to evaluate your organization alongside profiles, which are a little bit more kind of specific and action-oriented. So tiers will, for instance, give us an idea of how well our practices are integrated within the organization. So are they broadly integrated? Is it completely ad hoc? Is it somewhere in the middle? As well as how well our processes, our cybersecurity processes, align with organizational needs. So there are only four implementation tiers. There's not a lot to tiers because they're predefined. There is partial, which is sort of the lowest level of maturity. There is risk-informed, repeatable, and then adaptive. So what does that mean? Well, we'll do a quick comparison of these really quickly, and then we'll review…