The University of SydneyPage 36NIST’s Seven Steps process for an Effective Security Program–Step 5: Create a Target Profile. –Creates a Target Profile that focuses on the assessment of the Framework Categories and Subcategories describing the organization’s desired cybersecurity outcomes. –Step 6: Determine, Analyze, and Prioritize Gaps. –Compares the Current Profile and the Target Profile to determine gaps–Creates a prioritized action plan to address gaps –reflecting mission drivers, costs and benefits, and risks –Step 7: Implement Action Plan. –Determines which actions to take to address the gaps, if any, identified in the previous step–Adjusts its current cybersecurity practices in order to achieve the Target Profile.