| Functions | Description |
| Identify | Promote an organizational knowledge in managing cybersecurity risks “system, people, assets, data, and capabilities” |
| Protect | Ensure that applicable security control in the safeguarding of availability of critical services |
| Detect | Utilize and execute applicable actions to discover the occurrence of a cybersecurity event |
| Respond | Apply and achieve detection responses to a cybersecurity incident |
| Recover | Perform and execute applicable actions to recover any damaged services promptly caused by a cybersecurity incident |