DOWNLOADABLE List of Documents in the Toolkit

Page 1

NIST CSF2 Toolkit Version 1 AREA

DOC REF

DOCUMENT

0. Implementation Resources

None None None None None CSF-DOC-IMPL-1 CSF-DOC-IMPL-2 CSF-DOC-IMPL-3 CSF-DOC-IMPL-4 CSF-DOC-IMPL-5 CSF-FORM-IMPL-1 CSF-FORM-IMPL-2

ATTENTION READ ME FIRST NIST CSF2 Toolkit Completion Instructions A Guide to Implementing NIST CSF2 NIST CSF2 Toolkit Index CSF Framework 2-0 Draft CSF Framework Core 2-0 with Examples Discussion Draft CSF Benefits Presentation CSF Project Definition CSF Project Plan Procedure for the Control of Documents CSF Documentation Log CSF Progress Report CSF Current and Target Profile

1. Govern GV - Category GV-OC

CSF-DOC-GVOC-1 CSF-DOC-GVOC-2 CSF-DOC-GVOC-3 CSF-DOC-GVOC-4 CSF-DOC-GVOC-5 CSF-DOC-GVOC-6 CSF-DOC-GVOC-7 CSF-FORM-GVOC-1 None

InfoSec Context, Reqts and Scope Legal, Regulatory and Contractual Requirements Procedure Legal, Regulatory and Contractual Requirements Schedule of Confidentiality Agreements Non-Disclosure Agreement Business Impact Analysis Process Business Impact Analysis Report Business Impact Analysis Tool EXAMPLE Legal, Regulatory and Contractual Requirements

1. Govern GV - Category GV-RM

CSF-DOC-GVRM-1 CSF-DOC-GVRM-2 CSF-DOC-GVRM-3 CSF-FORM-GVRM-1 None

InfoSec Objectives and Plan Cybersecurity Risk Management Policy Risk Assessment and Treatment Process Opportunity Assessment Tool EXAMPLE Opportunity Assessment Tool

1. Govern GV - Category GV-SC

CSF-DOC-GVSC-1 CSF-DOC-GVSC-2 CSF-DOC-GVSC-3 CSF-DOC-GVSC-4 CSF-DOC-GVSC-5 CSF-FORM-GVSC-1 CSF-FORM-GVSC-2 None None

Cybersecurity Supply Chain Policy Supplier Information Security Agreement Supplier Due Diligence Assessment Procedure Supplier Information Security Evaluation Process Supplier Evaluation Covering Letter Supplier Due Diligence Assessment Supplier Evaluation Questionnaire EXAMPLE Supplier Due Diligence Assessment EXAMPLE Supplier Evaluation Questionnaire

1. Govern GV - Category GV-RR

CSF-DOC-GVRR-1 CSF-DOC-GVRR-2 CSF-DOC-GVRR-3 CSF-DOC-GVRR-4 CSF-DOC-GVRR-5 CSF-DOC-GVRR-6 CSF-FORM-GVRR-1 CSF-FORM-GVRR-2 CSF-FORM-GVRR-3

InfoSec Roles Responsibilities and Authorities Executive Support Letter HR Security Policy Employee Screening Procedure Guidelines for Inclusion in Employment Contracts Employee Disciplinary Process Employee Screening Checklist Employee Termination and Change of Employment Checklist Leavers Letter

1. Govern GV - Category GV-PO

CSF-DOC-GVPO-1 CSF-DOC-GVPO-2 CSF-DOC-GVPO-3 CSF-DOC-GVPO-4 CSF-DOC-GVPO-5 CSF-DOC-GVPO-6 CSF-DOC-GVPO-7 CSF-DOC-GVPO-8 CSF-DOC-GVPO-9 CSF-DOC-GVPO-10 CSF-DOC-GVPO-11 CSF-DOC-GVPO-12 CSF-DOC-GVPO-13 CSF-DOC-GVPO-14 CSF-DOC-GVPO-15

Information Security Policy Social Media Policy Information Security Whistleblowing Policy Internet Access Policy Electronic Messaging Policy Online Collaboration Policy Cloud Services Policy IP and Copyright Compliance Policy Privacy and Personal Data Protection Policy Remote Working Policy Mobile Device Policy BYOD Policy Information Deletion Policy Data Masking Policy Data Leakage Prevention Policy

1. Govern GV - Category GV-OV

CSF-DOC-GVOV-1 CSF-DOC-GVOV-2 CSF-FORM-GVOV-1

Process for Monitoring, Measurement, Analysis and Evaluation Procedure for Management Reviews Management Review Meeting Agenda

03/01/2024

Page 1 of 3

Turn static files into dynamic content formats.

Create a flipbook
Issuu converts static files into: digital portfolios, online yearbooks, online catalogs, digital photo albums and more. Sign up and create your flipbook.