GRC: NIST CSF Use Case Accelerator. NIST CSF v1.1 or v2.0?

Valqe
Tera Expert

Greetings,

I have installed "GRC: NIST CSF Use Case Accelerator" (sn_irm_nist_csf) plugin and from what I can see, the security controls that were brought over are of  NIST CSF 1.1 version.

Was wondering how can I update this plugin to have access to control objectives for NIST CSF version 2.0?
I installed latest plugin version 18.1.0, but no result on the content of NIST CSF control objectives when it comes to NIST CSF Versino 2.0.

I appreciate your comments and guidance.

Thank you

6 REPLIES 6

Thank you so much @Connor Levien I appreciate your response.

I see that "GRC: NIST CSF Use Case Accelerator" version 19.0.1 is available and I just updated it.
However I am little confused. I don't see there NIST CSF 2.0 control objectives 😞

Am I missing something?

 

  • I see that : Authority Document "NIST CSF v2.0" is there:

 

Valqe_0-1724075477689.png

 

  • Also citations within NIST CST v.20 authority document are visible:

Valqe_1-1724075620584.png

  • But looking at citation to control objective relationship I see a record, but there is no reference to a NIST CSF v.2.0 control objective

Valqe_2-1724075696349.png

 

and when I try to hover over control objective from screenshot above I get this

 

Valqe_3-1724075818297.png

 

I appreciate your help and guidance.

Thanks in advance

V.

 

P.S.1 Is there a way to only see NIST CSF 2.0 related control objectives?

Connor Levien
ServiceNow Employee
ServiceNow Employee

Hey @Valqe, I have just checked and installed this in my instance and have noticed the same issue of the control objective to citation mapping being blank. 

 

I have made the product team aware but I would suggest raising a support ticket as there may be a hot fix already available.

 

To find all the NIST CSF 2.0 related control objectives you can simply search for Control objectives in the filter navigator and it should show you the NIST CSF Control objective navigation item which will take you to a prebuilt list of control objectives filtered for NIST CSF 2.0

 

ConnorLevien_0-1724080586964.png