CISA· ISACA
Certified Information Systems Auditor (ISACA)
ISACA’s CISA targets IS audit. 5 domains, ITAF and COBIT, 2,300+ questions with AuditBot explanations.
Term DefinitionFrameworks
NIST CSF
NIST Cybersecurity Framework — the US reference for managing cyber risks.
The NIST CSF (version 2.0, February 2024) organizes cybersecurity practices into 6 functions: Govern, Identify, Protect, Detect, Respond, Recover. Version 2.0 adds the 'Govern' function to emphasize board-level cyber governance. Originally designed for US critical infrastructure, it is now used globally as a cyber governance and compliance reference.
📌 Key points
- Version 2.0 (2024): 6 functions — 'Govern' added vs 5 functions in v1.1
- Govern: new central function that oversees the other 5
- Used globally — aligned with ISO 27001 and COBIT
- Profiles: current state vs target state — measures cyber maturity
- Implementation tiers (1–4): from Partial to Adaptive maturity
Related certifications
These certifications cover the concept of "NIST CSF" in depth.
🔗 Related concepts
FrameworksFrameworksComplianceComplianceRisk
ISO 27001
The international standard for Information Security Management Systems (ISMS).
COBIT
An IT governance and management framework published by ISACA.
DORA Regulation
Digital Operational Resilience Act — EU regulation on digital operational resilience.
NIS2 Directive
EU directive on the security of network and information systems — revised version.
Enterprise Risk Management (ERM)
An integrated, holistic approach to identifying and managing all organizational risks.
📖 Related articles
Master this concept and more
Start your GRC certification journey today.