
NIST CSF Profile Author

    Overview

    Guided development of a NIST Cybersecurity Framework (CSF) assessment: a current profile (Identify, Protect, Detect, Respond, Recover, Govern), a target profile, a gap analysis, and a prioritized implementation plan with outcomes and metrics.

    Getting Started

    Add your source materials to the project workspace, then activate the NIST CSF Profile Author skill. The agent will guide you through the process step by step.

    Example Conversation

    Below is an example of how a typical NIST CSF profile session unfolds. The agent builds current/target profiles, gap analysis, and an implementation roadmap.

    You: We need a NIST CSF 2.0 current and target profile for our IT and OT environments. Focus on Identify, Protect, and Detect. Then a roadmap for the top gaps.

    Agent: I’ll create a profile document with selected subcategories from ID, PR, and DE. For each I’ll document current state, target state, and gap. Which subcategories do you want in scope, or shall I propose a core set (e.g. ID.AM-1, ID.RA-1, PR.AC-1, PR.DS-1, DE.CM-1)?

    You: Propose a core set and we’ll add more later.

    Agent: I’ve created nist-csf-profile.md with current/target/gap for ID.AM-1, ID.RA-1, PR.AC-1, PR.DS-1, DE.CM-1. High-priority gaps: PR.AC-1 (no MFA on admin access) and DE.CM-1 (no centralized log monitoring). I’ve added an implementation roadmap with actions, owners, and 90-day targets. Run the validation tool?

    You: Yes.

    Agent: I ran check_csf_subcategory_coverage. All five subcategories have current, target, and gap. Implementation actions are present for high-priority gaps. No warnings.

    Sample Output Excerpt

    Below is a representative excerpt from a CSF profile document showing one subcategory with current, target, and gap.


    PR.AC-1 — Identity management, authentication and access control

    | Element | Content |
    |---|---|
    | Current | Local AD; SSO for SaaS; MFA for cloud apps only. No MFA for VPN or admin access. |
    | Target | MFA for all remote and privileged access; SSO + conditional access; identity lifecycle automated. |
    | Gap | VPN and admin accounts lack MFA; no conditional access; manual deprovisioning. High priority. |
    | Implementation action | Deploy MFA for VPN (Q2); enforce MFA for all privileged accounts (Q2); implement conditional access policy (Q3). Owner: Infrastructure. Metric: % of privileged sessions with MFA. |

    Built-in Validation Tools

    The skill includes an extension tool that checks CSF profile and roadmap documents for subcategory coverage and implementation actions.

    What the tool checks

    | Check | Description |
    |---|---|
    | Subcategory references | Detects CSF subcategory codes (e.g. ID.AM-1, PR.AC-1, DE.CM-1) in the document |
    | Current/target/gap | For each referenced subcategory, checks that current state, target state, and gap are documented |
    | Implementation actions | If high-priority gaps are mentioned, ensures the roadmap includes actions, owners, or timelines |

    Run check_csf_subcategory_coverage on the profile or roadmap document after drafting or updating.
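
The three checks listed above, sketched as an added Python example; this is not the skill's own check_csf_subcategory_coverage tool, whose implementation the page does not show. The "Field: value" document layout, the function names parse_profile and check_profile, and the sample profile text are assumptions constructed for illustration.

```python
import re

# Codes in the style this page uses (PR.AC-1); two-digit forms such as DE.CM-01 also match.
CODE = r"\b(?:GV|ID|PR|DE|RS|RC)\.[A-Z]{2}-\d{1,2}\b"
HEADING_RE = re.compile(rf"^\s*#*\s*({CODE})")
FIELD_RE = re.compile(
    r"^\s*(current|target|gap|implementation action)\s*:\s*(\S.*)?$", re.I)

# Constructed sample profile; the "Field: value" layout is an assumption.
SAMPLE = """\
## PR.AC-1
Current: MFA for cloud apps only.
Target: MFA for all remote and privileged access.
Gap: VPN and admin accounts lack MFA. High priority.
Implementation action: Deploy MFA for VPN (Q2). Owner: Infrastructure.

## DE.CM-1
Current: Logs kept per host.
Gap: No centralized log monitoring. High priority.

See also ID.AM-1 in the asset register.
"""

def parse_profile(text):
    """Return {code: {field: value}} for every section headed by a code."""
    sections, fields = {}, None
    for line in text.splitlines():
        heading = HEADING_RE.match(line)
        if heading:
            fields = sections.setdefault(heading.group(1), {})
            continue
        field = FIELD_RE.match(line)
        if field and fields is not None and field.group(2):
            fields[field.group(1).lower()] = field.group(2).strip()
    return sections

def check_profile(text):
    """Return findings in code order; an empty list means the document passes."""
    sections, findings = parse_profile(text), []
    for code in sorted(set(re.findall(CODE, text))):
        fields = sections.get(code, {})
        for name in ("current", "target", "gap"):
            if name not in fields:
                findings.append(f"{code}: missing {name}")
        high = re.search(r"high[- ]priority", fields.get("gap", ""), re.I)
        if high and "implementation action" not in fields:
            findings.append(f"{code}: high-priority gap has no implementation action")
    return findings

if __name__ == "__main__":
    print("\n".join(check_profile(SAMPLE)) or "No warnings.")
```

A code that is only mentioned in passing (ID.AM-1 in the sample) is still reported, because the check covers every referenced subcategory, not only those with their own section.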
