NIST CSF 2.0 · All Functions · ID Identify

ID.IM — Improvement

Improvements to organizational cybersecurity risk management processes, procedures and activities are identified across all CSF Functions

ID.IM-01

Improvements are identified from evaluations

3 implementation example(s) · 37 mapped NIST 800-53 control(s)

ID.IM-02

Improvements are identified from security tests and exercises, including those done in coordination with suppliers and relevant third parties

6 implementation example(s) · 40 mapped NIST 800-53 control(s)

ID.IM-03

Improvements are identified from execution of operational processes, procedures, and activities

3 implementation example(s) · 39 mapped NIST 800-53 control(s)

ID.IM-04

Incident response plans and other cybersecurity plans that affect operations are established, communicated, maintained, and improved

5 implementation example(s) · 4 mapped NIST 800-53 control(s)

Source: NIST Cybersecurity Framework 2.0 · CSF 2.0 → 800-53 mappings sourced from NIST Cybersecurity & Privacy Reference Tool (CPRT) · US government work — attribution requested per NIST Open License Terms. Direct CSF→CWE/CVE cross-references will be added in a Phase B LLM-authored mapping pass (not yet rendered).