IDENTIFY FUNCTION The first core function of the NIST Cybersecurity Framework is IDENTIFY. This function aid the organization to develop the understanding needed to manage cybersecurity risks to systems, capabilities, data & asset. The Identify function is the foundation for implementing or improving existing cyber security risk management programs. It concentrates on the business context, its associated cybersecurity risks, and the available resources for support of crucial functions to allow the organization to prioritize its risk management effort to support business needs. The Identify function consists of outcome categories that identify: ASSET MANAGEMENT: This includes the physical and software assets owned by the organization. BUSINESS ENVIRONMENT: To understand the organization's function in the supply chain. GOVERNANCE: This includes the implementation of cybersecurity policies within the organization and identifying legal and regulatory requirements for cybersecurity capacities. RISK ASSESSMENT: This includes identifying asset vulnerabilities, likely threats to the organization's resources, and risk response processes in the organization RISK MANAGEMENT STRATEGY: This includes identifying risk tolerance. SUPPLY MANAGEMENT STRATEGY: This includes the implementation of supply chain risk tolerance. Conclusively, a clearly defined state of an organization's cybersecurity position is the result of a successful implementation of the "identify function". It indicates that all assets that need protection have been identified. REFERENCES: https://www.nist.gov/cyberframework/online-learning/five-functions https://reciprocity.com/resources/what-is-the-purpose-of-nist/