Pearson NIST-COBIT-2019 New Attempt

This CSF step involves documenting the existing category and subcategory outcome achievements, by using the implementation status to indicate the degree to which the cybersecurity outcomes defined by the CSF Subcategories are currently being achieved by the organization12. The Current Profile reflects the current cybersecurity posture of the organization, and helps to identify the gaps and opportunities for improvement3 .

References: 1: Cybersecurity Framework Components | NIST 2: Cybersecurity Framework v1.1 - CSF Tools - Identity Digital 3: Implementing the NIST Cybersecurity Framework Using COBIT 2019 | ISACA : REVIEW OF IMPLEMENTING THE NIST CYBERSECURITY FRAMEWORK USING COBIT 2019.

One of the objectives of CSF Step 6 is to translate improvement opportunities into justifiable, contributing projects, which means to develop an action plan that addresses the gaps between the current and target profiles, and that aligns with the organization’s mission drivers, risk appetite, and resource constraints12.

ReferencesGetting Started with the NIST Cybersecurity Framework: A Quick Start Guide, page 8.NIST CSF: The seven-step cybersecurity framework process

Identifying quick wins for implementation first is the best approach to gain support for the process, as it can demonstrate the value and feasibility of the project, and motivate the stakeholders to overcome the resistance and embrace the change12. Quick wins are those actions that can be implemented rapidly and easily, and that can produce visible and measurable results3.

References7 Phases in COBIT Implementation | COBIT Certification - SimplilearnImplementing the NIST Cybersecurity Framework Using COBIT 2019, page 17.What is a Quick Win? - Definition from Techopedia