A risk manager is integrating the NIST Cybersecurity Framework with the organization's risk management processes. Which TWO functions of the NIST CSF directly support risk assessment?
Identify includes risk assessment, asset management, and governance.
Why this answer
The Identify function covers risk assessment and management, and the Protect function involves safeguards that are assessed for effectiveness.