NIST CSF 2.0 Category

GV.OC Organizational Context

GV Govern | Define mission priorities, critical services, and dependencies that shape security decisions.

Implementation Objective

Establish and maintain a current view of business context so security priorities align with mission critical outcomes.

Implementation Actions

Document critical services and systems.
Map obligations and stakeholder expectations.
Review context after major business or platform changes.

Evidence Examples

Service criticality matrix
System and data inventory
Context review log

Suggested Metrics

Critical services with documented requirements
Update latency after major changes

Framework Crosswalk

Direct mappings for this CSF category into NIST SP 800-171 family sections and CIS Controls v8 implementation domains.

NIST SP 800-171 Families

CIS Controls v8

Navigation

Back to NIST CSF 2.0 Categories CIS Controls v8 Guidance FedRAMP Guidance Cybersecurity Glossary