NIST CSF Implementation Planning Tool
A three-year action plan for enhancing security program maturity and effectiveness
Tenable is sharing this planning tool, developed by Christopher Paidhrin of the City of Portland, OR, to help you effectively implement the NIST Cybersecurity Framework. The tool uses guidelines from the Center for Internet Security Critical Controls for risk prioritization.
It also recognizes that improving security program effectiveness is NOT a one-and-done activity. Instead, the tool incorporates a three-year action plan with quarter-by-quarter tracking of initiatives, project time-lines and measures of success.
- Risk and remediation prioritization
- Maturity gaps and selective metrics
- Alignment of business risk to CSC
- Budget and resource prioritization
Get started with the planning tool:
You can download the tool and get started on your own plan, or learn from the source by checking out our on-demand webinar, “A Prioritized Approach to Implement the NIST CSF using the CIS Critical Security Controls.” The session features Christopher Paidhrin, Information Security Manager of the City of Portland, who developed – and is currently using – the tool to enhance the City’s implementation of NIST CSF.