Skip to main content
U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Getting Started with the NIST Cybersecurity Framework: A Quick Start Guide



Amy Mahn, Daniel Topper, Stephen Quinn, Jeffrey Marron


This document intends to provide direction and guidance to those organizations – in any sector or community – seeking to improve cybersecurity risk management via utilization of the NIST Framework for Improving Critical Infrastructure Cybersecurity (Cybersecurity Framework or the Framework). Cybersecurity is an important and amplifying component of an organization's overall risk management process. The Framework enables organizations – regardless of size, degree of cybersecurity risk, or cybersecurity sophistication – to apply the principles and best practices of risk management to improve security and resilience. Through implementation of the Framework, organizations can better identify, assess, and manage their cybersecurity risks in the context of their broader mission and business objectives.
Special Publication (NIST SP) - 1271
Report Number


cybersecurity framework, cybersecurity risk management, enterprise risk management (ERM), framework, framework functions.


Mahn, A. , Topper, D. , Quinn, S. and Marron, J. (2021), Getting Started with the NIST Cybersecurity Framework: A Quick Start Guide, Special Publication (NIST SP), National Institute of Standards and Technology, Gaithersburg, MD, [online],, (Accessed July 23, 2024)


If you have any questions about this publication or are having problems accessing it, please contact

Created August 6, 2021, Updated November 29, 2022