Skip to the main content.
Try GRC Playbook for free
Try GRC Playbook for free


NIST Cybersecurity Framework (CSF)

This library of Cybersecurity Playbooks are editable templates that represent the core of what is generally required by management (including process owners), boards of directors and their audit committees, as well as internal and external auditors of relevant organizations, to document, assess, test, report and oversee the design and operating effectiveness of the typical key internal controls on which management is reliant to maintain compliance with Cybersecurity regulatory requirements.

They are drawn from a range of authoritative sources including the National Institute of Standards and Technology (NIST), the Federal Financial Institutions Examination Council (FFIEC), the Department of Defense, the SEC's Office of Compliance Inspections and Examinations (OCIE), and the New York Department of Financial Services (NYDFS).

The NIST Cybersecurity Framework (CSF) Playbooks:

The NIST Cybersecurity Framework (CSF) 1.1 Playbook enables organizations – regardless of size, degree of cybersecurity risk, or cybersecurity sophistication – to apply the principles and best practices of risk management to improving security and resilience.

The NIST Cybersecurity Framework (CSF) 2.0 Playbook. This draft represents a major update to the CSF—a resource first released in 2014 to help organizations reduce cybersecurity risk.

The CSF 2.0 draft reflects several major changes, including an expanded scope, the addition of a sixth function, Govern, and improved and expanded guidance on implementing the CSF—especially for creating profiles.

The NIST CSF 2.0 Playbook addresses the following functions:

  • RESPOND (RS), and

One Affordable Subscription. 100+ Playbooks.

With one subscription, you'll gain access to all of our Playbooks.


Would you like to find out just how affordable and beneficial a GRC Playbook® subscription can be?

Everything you need, on a platform you already know.


Try GRC Playbook for free