GRC: NIST CSF Use Case Accelerator. NIST CSF v1.1 or v2.0?

Valqe
Tera Expert

Greetings,

I have installed "GRC: NIST CSF Use Case Accelerator" (sn_irm_nist_csf) plugin and from what I can see, the security controls that were brought over are of  NIST CSF 1.1 version.

Was wondering how can I update this plugin to have access to control objectives for NIST CSF version 2.0?
I installed latest plugin version 18.1.0, but no result on the content of NIST CSF control objectives when it comes to NIST CSF Versino 2.0.

I appreciate your comments and guidance.

Thank you

6 REPLIES 6

Prasanna_Patil
Tera Guru

Hi @Valqe I think ServiceNow contains only Version 1.1. Version 2.0 is yet to come may be. 

Please hit like and Mark Helpful if you liked it
Regards,
Prasanna

Community Alums
Not applicable

Hi @Valqe ,

Hi @Valqe ,

The plugin "NIST CSF Use Case Accelerator" does not automatically relate the Citations for Authority document to control objective level, you have to do it manually unfortunately. 

You can Navigate to Control Objectives, then add source field to the list and group by source and look for NIST CSF:

SandeepDutta_0-1724118706064.png

Then, you can manually add the associated citations of the Authority document "NIST CSF v2.0" to Control objectives:

SandeepDutta_1-1724118811193.png

 

Community Alums
Not applicable

Hi @Valqe ,

 

Connor Levien
ServiceNow Employee
ServiceNow Employee

@Valqe the update to the CSF accelerator is coming in the Washington release. Once the Washington release is available the plugin should be updated and you can update your plugin to get access to the 2.0 content