A part of an Organizational Profile that specifies the desired Core outcomes that an organization has selected and prioritized for achieving its cybersecurity risk management objectives.

Source: NIST Cybersecurity Framework 2.0 | Category: