From 34e0cf6e2db14cf89b161f0fce6843d86134bb78 Mon Sep 17 00:00:00 2001
From: juliosuas <juliosuas@gmail.com>
Date: Wed, 18 Mar 2026 10:36:51 -0600
Subject: [PATCH] Fix NIST CSF 2.0 category counts in table: ID=3, RC=2
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

The summary table had incorrect category counts for Identify (4 → 3)
and Recover (1 → 2), inconsistent with the frontmatter mapping and
official NIST CSF 2.0 specification (GV:6 + ID:3 + PR:5 + DE:2 +
RS:4 + RC:2 = 22 categories).
---
 skills/performing-nist-csf-maturity-assessment/SKILL.md | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/skills/performing-nist-csf-maturity-assessment/SKILL.md b/skills/performing-nist-csf-maturity-assessment/SKILL.md
index db736c24..61bdb0ca 100644
--- a/skills/performing-nist-csf-maturity-assessment/SKILL.md
+++ b/skills/performing-nist-csf-maturity-assessment/SKILL.md
@@ -27,11 +27,11 @@ The NIST Cybersecurity Framework (CSF) 2.0, released in February 2024, provides
 | Function | Code | Categories | Purpose |
 |----------|------|-----------|---------|
 | **Govern** | GV | 6 | Establish and monitor cybersecurity risk management strategy |
-| **Identify** | ID | 4 | Determine current cybersecurity risk to the organization |
+| **Identify** | ID | 3 | Determine current cybersecurity risk to the organization |
 | **Protect** | PR | 5 | Implement safeguards to prevent or reduce risk |
 | **Detect** | DE | 2 | Find and analyze possible cybersecurity attacks |
 | **Respond** | RS | 4 | Take action regarding detected cybersecurity incidents |
-| **Recover** | RC | 1 | Restore capabilities impaired by cybersecurity incidents |
+| **Recover** | RC | 2 | Restore capabilities impaired by cybersecurity incidents |
 
 ### Govern Function (New in CSF 2.0)
 - GV.OC: Organizational Context