NIST CSF 2.0 · All Functions · PR Protect

PR.PS — Platform Security

The hardware, software (e.g., firmware, operating systems, applications), and services of physical and virtual platforms are managed consistent with the organization's risk strategy to protect their confidentiality, integrity, and availability

PR.PS-01

Configuration management practices are established and applied

3 implementation example(s) · 11 mapped NIST 800-53 control(s)

PR.PS-02

Software is maintained, replaced, and removed commensurate with risk

6 implementation example(s) · 5 mapped NIST 800-53 control(s)

PR.PS-03

Hardware is maintained, replaced, and removed commensurate with risk

3 implementation example(s) · 6 mapped NIST 800-53 control(s)

PR.PS-04

Log records are generated and made available for continuous monitoring

3 implementation example(s) · 7 mapped NIST 800-53 control(s)

PR.PS-05

Installation and execution of unauthorized software are prevented

4 implementation example(s) · 4 mapped NIST 800-53 control(s)

PR.PS-06

Secure software development practices are integrated, and their performance is monitored throughout the software development life cycle

3 implementation example(s) · 8 mapped NIST 800-53 control(s)

Source: NIST Cybersecurity Framework 2.0 · CSF 2.0 → 800-53 mappings sourced from NIST Cybersecurity & Privacy Reference Tool (CPRT) · US government work — attribution requested per NIST Open License Terms. Direct CSF→CWE/CVE cross-references will be added in a Phase B LLM-authored mapping pass (not yet rendered).