The NIST Cybersecurity Framework provides guidelines to help organizations manage cybersecurity risks. It consists of three parts: the Framework Core, Implementation Tiers, and Framework Profiles. The Framework Core includes functions, categories, and subcategories that organizations use to manage cybersecurity risks, including identify, protect, detect, respond, and recover. Implementation Tiers describe an organization's processes at different levels of rigor and sophistication. Framework Profiles are used to describe an organization's current and target cybersecurity state.