Risk management is one of the most important if not the most important factor when it comes to protection from cyberattacks. Most of the major cyber assaults are a result of human error and a lack of a refining process for patching/updates. Take the Equifax data breach or notpetya attack on Ukrainian in which a vulnerability was exploited through non diligence. Through this framework, the goal is to make a structurally sound program or improve your existing one. This alone makes the framework a valuable asset due to the reasons stated above however it also has tertiary benefits. Organizations will save money in the long run due to the fact that certain applications will be prioritized and useless applications can be an avoided all together. An organization also gains a common language which creates a more cohesive network for those within the organization and those connected to them such as shareholders. If I was heading a business, I would immediately go to implement this to gain a solid groundwork for my security. Afterwards I would continuously reinforce that ground work with the same process to accomplish the benefits above.