NIST Cyber Security Professional (NCSP) Foundation

4.6 out of 5 rating



1 Day

6 CPD hours


The purpose of this document is to provide the learning outcomes for the course and the assessment criteria. It also provides an overview of the examination design in terms of the types of questions asked. Starting with Chapter 2, Digital Transformation, the BL 1 & 2 (for Bloom’s Taxonomy 1 & 2) provides the number of questions that will appear on the exam.


This course is targeted at IT and Cybersecurity professionals looking to become certified on how to operationalize the NIST Cybersecurity Framework (NCSP) across an enterprise and its supply chain.

Digital Transformation
  • Explain what it means to “become digital.”
  • Discuss the difference between industrial and digital era enterprises.
  • Explain how cybersecurity supports an organization’s digital transformation.
Understanding Cyber Risks
  • Explain the cyber risk equation.
  • Identify and explain each component of the cyber risk equation.
  • Describe the basics of a risk assessment.
NIST Cybersecurity Framework Fundamentals
  • Explain the genesis of the NIST-CSF.
  • List and describe the components of the NIST-CSF.
  • Describe each of the NIST-CSF’s objectives.
Core Functions, Categories & Subcategories
  • Understand and explain the:
    • a. Core Functions
    • b. Framework Categories
    • c. Informative References
Implementation Tiers & Profiles
  • Understand and explain Implementation Tier terms and their use.
  • Understand and explain each Implementation Tier.
  • Understand and describe the three risk categories.
  • Understand and explain Profiles and their use:
    • a. Current
    • b. Target
  • Understand and describe the use of Profiles when:
    • a. Determining gaps
    • b. Identifying & prioritizing focus areas
Cybersecurity Improvement
  • Understand and explain how an organization can approach the adoption and adaptation of the NIST-CSF.
  • Understand and describe how to implement cybersecurity controls using an incremental improvement approach.
  • Understand and describe CIIS as a practice within an organization.
Training Insurance Included!

When you organise training, we understand that there is a risk that some people may fall ill or become unavailable. To mitigate that risk, we include training insurance for each delegate enrolled on our public schedule: if the case arises, they are welcome to sit the same public class within 6 months at no charge.
