ID — Identify
21 outcomes in the Identify function
ID.AM-01: Inventories of hardware managed by the organization are maintained
ID.AM-02: Inventories of software, services, and systems managed by the organization are maintained
ID.AM-03: Representations of the organization’s authorized network communication and internal and external network data flows are maintained
ID.AM-04: Inventories of services provided by suppliers are maintained
ID.AM-05: Assets are prioritized based on classification, criticality, resources, and impact on the mission
ID.AM-07: Inventories of data and corresponding metadata for designated data types are maintained
ID.AM-08: Systems, hardware, software, services, and data are managed throughout their life cycles
ID.RA-01: Vulnerabilities in assets are identified, validated, and recorded
ID.RA-02: Cyber threat intelligence is received from information sharing forums and sources
ID.RA-03: Internal and external threats to the organization are identified and recorded
ID.RA-04: Potential impacts and likelihoods of threats exploiting vulnerabilities are identified and recorded
ID.RA-05: Threats, vulnerabilities, likelihoods, and impacts are used to understand inherent risk and inform risk response prioritization
ID.RA-06: Risk responses are chosen, prioritized, planned, tracked, and communicated
ID.RA-07: Changes and exceptions are managed, assessed for risk impact, recorded, and tracked
ID.RA-08: Processes for receiving, analyzing, and responding to vulnerability disclosures are established
ID.RA-09: The authenticity and integrity of hardware and software are assessed prior to acquisition and use
ID.RA-10: Critical suppliers are assessed prior to acquisition
ID.IM-01: Improvements are identified from evaluations
ID.IM-02: Improvements are identified from security tests and exercises, including those done in coordination with suppliers and relevant third parties
ID.IM-03: Improvements are identified from execution of operational processes, procedures, and activities
ID.IM-04: Incident response plans and other cybersecurity plans that affect operations are established, communicated, maintained, and improved