NIST-COBIT-2019 Exam Dumps : ISACA Implementing the NIST Cybersecurity Framework using COBIT 2019

Analysis is one of the six categories within the Detect function of the NIST Cybersecurity Framework. The Analysis category aims to identify the occurrence of a cybersecurity event by performing data aggregation, correlation, and analysis12.

References: 1: The Five Functions | NIST 2: Cybersecurity Framework Components | NIST

According to the NIST Cybersecurity Framework, gaps identified between the current and target profiles should be addressed through a risk-based approach, which enables an organization to gauge the resources needed and prioritize the mitigation of gaps in a cost-effective manner. This approach also aligns the cybersecurity program with the business objectives and risk appetite of the organization12.

ReferencesExamples of Framework Profiles | NISTWhat is the NIST Cybersecurity Framework? | IBM

According to the TM Forum’s Business Process Framework (eTOM), the business/process level is responsible for defining the business strategy, objectives, and requirements, as well as monitoring and controlling the performance and quality of the processes1. The implementation/operations level is responsible for designing, developing, and executing the processes that deliver and support the services1. When coordinating framework implementation, these two levels collaborate to assess changes in current and future risks, such as market trends, customer expectations, regulatory compliance, security threats, and operational issues2. This helps them to align the processes with the business goals and outcomes, and to identify and mitigate any potential gaps or challenges3.

References: 1: Process Framework (eTOM) - TM Forum 2: Implement Dynamics 365 with a process-focused approach 3: Operations Management Implementation - Smarter Solutions, Inc.