The Framework is a guide based on existing standards, guidelines, and practices for organizations to better manage and reduce cyber security risk or attacks. In addition to helping organizations manage and reduce risks, it was designed to foster risk and cyber security management communications between both internal and external organizational stakeholders. The Framework would help an organization to better understand, manage, and reduce its cyber security risks. It will assist in determining which activities are most important to assure critical operations and service delivery. In turn, that will help to prioritize investments and maximize the impact of each dollar spent on cyber security. By providing a common language to address cyber security risk management, it is especially helpful in communicating inside and outside the organization. That includes improving communications, awareness, and understanding between and among IT, planning, and operating units, as well as senior executives of organizations. Organizations also can readily use the Framework to communicate current or desired cyber security posture between a buyer or supplier. The framework allows there to be a guide that could make sure there is a structure that would need to be followed within the business.