Consider a logical cross reference or grouping for Cybersecurity Framework subcategories. This could make an assessment easier and more meaningful. The Cybersecurity Framework identifies categories and subcategories of practice, processes, and activities to be used in a cyber security assessment. But, categories often house unrelated subcategories and subcategories are dependent on other subcategories across various categories.