$4$ points

The NIST Cybersecurity Framework, describes the Framework Profile $("$Profile$")$ as the alignment of the Functions, Categories, and Subcategories with the business requirements, risk tolerance, and resources of the organization.

Select the statement$($s$)$ that accurately describe$($s$)$ the notion of "profiles."

A Profile enables.organizations to establish a roadmap for reducing cybersecurity risk that is well aligned with organizational and sector goals, considers legal$/$regulatory requirements and industry best practices, and reflects risk management priorities.

Framework Profiles can be used to describe the current state or the desired target state of specific cybersecurity activities. The Current Profile indicates the cybersecurity outcomes that are currently being achieved. The Target Profile indicates the outcomes needed to achieve the desired cybersecurity risk management goals.

The Framework provides specific templates and requirements for profiles that all organizations are required to follow.

Comparison of Profiles $($e$.$g$.,$ the Current Profile and Target Profile$)$ may reveal gaps to be addressed to meet cybersecurity risk management objectives$\mathrm{.}4$ points

The NIST Cybersecurity Framework, describes the Framework Profile $("$Profile$")$ as the alignment of the Functions, Categories, and Subcategories with the business requirements, risk tolerance, and resources of the organization.

Select the statement$($s$)$ that accurately describe$($s$)$ the notion of "profiles."

A Profile enables.organizations to establish a roadmap for reducing cybersecurity risk that is well aligned with organizational and sector goals, considers legal$/$regulatory requirements and industry best practices, and reflects risk management priorities.

Framework Profiles can be used to describe the current state or the desired target state of specific cybersecurity activities. The Current Profile indicates the cybersecurity outcomes that are currently being achieved. The Target Profile indicates the outcomes needed to achieve the desired cybersecurity risk management goals.

The Framework provides specific templates and requirements for profiles that all organizations are required to follow.

Comparison of Profiles $($e$.$g$.,$ the Current Profile and Target Profile$)$ may reveal gaps to be addressed to meet cybersecurity risk management objectives.