Framework is the risked based approach to managing cyber security risk. The framework provides a common language for all the individuals that work in IT . The framework helps identify and prioritize actions. It’s also a tool that helps create policies, business, and technological ways to help reduce risk. Framework is also important because it allows companies to create profiles. Which in term can help them know their current standing and potential standing with the company. A framework also consists of it’s core, which presents industry standards that allow for communication of cyber security activities. The framework core has five functions to make the core run properly. Those functions are called Identify, Protect, Detect, Respond, and Recover.

The identity function is the foundation of the framework core. Its purpose is to create an

understanding to manage cyber security risk to systems, people, assets, and etc (NIST). The protection function develops safeguards to ensure delivery of important services. Some of the categories that the protect function is in charge of are Asset Management, Business Environment, and Governance (NIST). The third function of the framework core is the detect function. The purpose of this function revolves around setting caps and controlling secure access to essential systems and assets that are both physical and digital. Categories in this function consist of  Identity Management, Access Control, Awareness and Training, Data Security,Information Protection Processes and Procedures (NIST). The next function is called the respond function. The purpose of this function is to react when it detects a cyber security attack/incident. Categories within this function are Response Planning, Communications, Analysis, Mitigation and Improvements. The recovery function is the last function. Its purpose is to restore any data that was damaged from a cyber security incident.