This page contains small business quick start guides for some of NIST’s cybersecurity and privacy publications and frameworks. These resources are not intended to replace the larger publications or frameworks; they are intended to be introductory guides to help small organizations get started with the content. Want to see one that isn’t here yet? Let us know: smallbizsecurity [at] nist.gov (smallbizsecurity[at]nist[dot]gov).
NIST Cybersecurity Framework 2.0: Small Business Quick Start Guide - provides small-to-medium sized businesses, specifically those who have modest or no cybersecurity plans in place, with considerations to kick-start their cybersecurity risk management strategy using the NIST Cybersecurity Framework (CSF) 2.0.
NIST Risk Management Framework Small Enterprise Quick Start Guide - This guide is designed to help small, under-resourced entities understand the value and core components of the NIST Risk Management Framework (RMF) and provide a starting point for designing and implementing an information security and privacy risk management program.
Getting Started with the NIST Privacy Framework: A Guide for Small and Medium Businesses: The NIST Privacy Framework is a voluntary tool that can help your organization create or improve a privacy program. Get started using the Privacy Framework by following a simple model of “Ready, Set, Go” phases, and align your business or agency with five privacy risk management areas: Identify, Govern, Control, Communicate, and Protect.