The agency is soliciting comments to update a core document that lets entities pick and choose which technical standards they want to apply to their systems based on their own risk assessment.
Article Link: NIST Refreshing Voluntary Cybersecurity Framework Amid Push for Mandates - Nextgov