LOGBOOK

HELP

Quiz Entry - updated: 2026.07.14

What are the six Functions of the NIST CSF v2.0?

Identify, Protect, Detect, Respond, Recover, and (new in v2.0) Govern.

Radial wheel with Govern at the hub and Identify, Protect, Detect, Respond, Recover around it

* CSF v2.0 Functions as a wheel: Govern at the hub tying together Identify, Protect, Detect, Respond, Recover. *

Function Purpose Where in the incident lifecycle
Identify Understand your asset inventory and risk landscape Before
Protect Develop and implement preventative controls Before
Detect Identify the occurrence of a security incident During
Respond Take action to address an incident During
Recover Resiliency and recovery after an incident After
Govern Establish and oversee risk-management strategy, policies, roles (added in CSF 2.0, 2024) Always

The original five (Identify/Protect/Detect/Respond/Recover) map roughly onto a security incident timeline: prevention → detection → response → recovery. Govern was added in 2024 because the original CSF was criticised for under-emphasising the management layer — who decides on risk appetite, allocates budget, owns policy.

Tip: A common memory aid: "I PDRR with Govern in the middle" — Identify is what you have, PDRR is the timeline of a bad day, Govern is the management thread tying them all together.

Go deeper:

From Quiz: ISF / ISMS & Security Standards (ISO 27k, NIST, BSI) | Updated: Jul 14, 2026