Direct links from the subject.
| Property | Value |
|---|---|
|
The subject is an instance of a class. |
|
|
The subject is an instance of a class. |
An idea or notion; a unit of thought. |
|
A human-readable name for the subject. |
GV.OC-04.2: The organisation shall define and document cybersecurity requirements for essential operations, validate them through testing and audits, maintain records of results and corrective actions, and regularly update requirements based on evolving risks |
|
GV.OC-04.2 |
|
|
http://cyfun.data.gift/data/loc_CyFun2025_Booklet_ESSENTIAL_E_p14 |
|
|
http://cyfun.data.gift/data/loc_CyFun2025_Booklet_IMPORTANT_E_p13 |
|
|
Relates a concept to a concept that is more general in meaning. |
|
|
A general note, for any purpose. |
The goal ofthis control is to ensure that essential operations are protected byclearlydefined and tested security measures, and that these measures remain effective and up to date as risks evolve. To achieve this goal, the following actionable steps should be considered: • Identification & Documentation o Define critical services and theirdependencies (e.g. systems, suppliers) through a structured risk assessment. o Document security and operational requirements, including regulatory and industry-specific needs (e.g. CyFun®, ISO/IEC 27001, IEC 62443). • Validation & Approval o Establish governance processes for reviewing and approving identified security requirements. o Assign accountabilityto relevant stakeholders (e.g. securityteams, compliance officers, seniormanagement). • Testing & Assurance o Conduct penetration tests, vulnerability assessments, and incident simulations to validate implementation. o Ensure audits are performed to assess effectiveness and identify gaps in security measures. o Implement corrective actions where deficiencies are found, ensuring continuous improvement. • Record-Keeping & Compliance o Maintain detailed documentation of testing procedures, results, approvals, and corrective measures. o Align security frameworks with regulatory obligations to ensure compliance and governance oversight. • Continuous Review & Adaptation o Regularly reassess requirements in response to evolving threats, incidents, and regulatory changes. o Ensure governance bodies oversee updates and improvements to maintain long-term cyber resilience. |
|
A general note, for any purpose. |
The goal ofthis control is to ensure that essential operations are protected byclearlydefined and tested security measures, and that these measures remain effective and up to date as risks evolve. To achieve this goal, the following actionable steps should be considered: - Identification & Documentation - Define critical services and theirdependencies (e.g. systems, suppliers) through a structured risk assessment. - Document security and operational requirements, including regulatory and industry-specific needs (e.g. CyFun®, ISO/IEC 27001, IEC 62443). - Validation & Approval - Establish governance processes for reviewing and approving identified security requirements. - Assign accountabilityto relevant stakeholders (e.g. securityteams, compliance officers, seniormanagement). - Testing & Assurance - Conduct penetration tests, vulnerability assessments, and incident simulations to validate implementation. - Ensure audits are performed to assess effectiveness and identify gaps in security measures. - Implement corrective actions where deficiencies are found, ensuring continuous improvement. - Record-Keeping & Compliance - Maintain detailed documentation of testing procedures, results, approvals, and corrective measures. - Align security frameworks with regulatory obligations to ensure compliance and governance oversight. - Continuous Review & Adaptation - Regularly reassess requirements in response to evolving threats, incidents, and regulatory changes. - Ensure governance bodies oversee updates and improvements to maintain long-term cyber resilience. |
|
A general note, for any purpose. |
<div><p>The goal ofthis control is to ensure that essential operations are protected byclearlydefined and tested security measures, and that these measures remain effective and up to date as risks evolve. To achieve this goal, the following actionable steps should be considered:</p><ul><li>Identification & Documentation<ul><li>Define critical services and theirdependencies (e.g. systems, suppliers) through a structured risk assessment.</li><li>Document security and operational requirements, including regulatory and industry-specific needs (e.g. CyFun®, ISO/IEC 27001, IEC 62443).</li></ul></li><li>Validation & Approval<ul><li>Establish governance processes for reviewing and approving identified security requirements.</li><li>Assign accountabilityto relevant stakeholders (e.g. securityteams, compliance officers, seniormanagement).</li></ul></li><li>Testing & Assurance<ul><li>Conduct penetration tests, vulnerability assessments, and incident simulations to validate implementation.</li><li>Ensure audits are performed to assess effectiveness and identify gaps in security measures.</li><li>Implement corrective actions where deficiencies are found, ensuring continuous improvement.</li></ul></li><li>Record-Keeping & Compliance<ul><li>Maintain detailed documentation of testing procedures, results, approvals, and corrective measures.</li><li>Align security frameworks with regulatory obligations to ensure compliance and governance oversight.</li></ul></li><li>Continuous Review & Adaptation<ul><li>Regularly reassess requirements in response to evolving threats, incidents, and regulatory changes.</li><li>Ensure governance bodies oversee updates and improvements to maintain long-term cyber resilience.</li></ul></li></ul></div> |
|
A general note, for any purpose. |
The goal ofthis control is to ensure that essential operations are protected byclearlydefined and tested security measures, and that these measures remain effective and up to date as risks evolve. To achieve this goal, the following actionable steps should be considered: - Identification & Documentation - Define critical services and theirdependencies (e.g. systems, suppliers) through a structured risk assessment. - Document security and operational requirements, including regulatory and industry-specific needs (e.g. CyFun®, ISO/IEC 27001, IEC 62443). - Validation & Approval - Establish governance processes for reviewing and approving identified security requirements. - Assign accountabilityto relevant stakeholders (e.g. securityteams, compliance officers, seniormanagement). - Testing & Assurance - Conduct penetration tests, vulnerability assessments, and incident simulations to validate implementation. - Ensure audits are performed to assess effectiveness and identify gaps in security measures. - Implement corrective actions where deficiencies are found, ensuring continuous improvement. - Record-Keeping & Compliance - Maintain detailed documentation of testing procedures, results, approvals, and corrective measures. - Align security frameworks with regulatory obligations to ensure compliance and governance oversight. - Continuous Review & Adaptation - Regularly reassess requirements in response to evolving threats, incidents, and regulatory changes. - Ensure governance bodies oversee updates and improvements to maintain long-term cyber resilience. |
|
A notation, also known as classification code, is a string of characters such as "T58.5" or "303.4833" used to uniquely identify a concept within the scope of a given concept scheme. |
GV.OC-04.2 |
|
skos:prefLabel, skos:altLabel and skos:hiddenLabel are pairwise disjoint properties. |
Cybersecurity requirements for essential operations |
|
A resource has no more than one value of skos:prefLabel per language tag, and no more than one value of skos:prefLabel without language tag. |
The organisation shall define and document cybersecurity requirements for essential operations, validate them through testing and audits, maintain records of results and corrective actions, and regularly update requirements based on evolving risks |
|
Relates a resource (for example a concept) to a concept scheme in which it is included. |
|
|
Relates a resource (for example a concept) to a concept scheme in which it is included. |
http://cyfun.data.gift/data/CyFun2025_delta_BASIC_to_IMPORTANT |
|
Relates a resource (for example a concept) to a concept scheme in which it is included. |
|
|
Relates a resource (for example a concept) to a concept scheme in which it is included. |
|
|
The number of triples associated with the subject. |
19 |
|
Specifies the dataset the subject is part of. |
Resultaten 1 - 21 of 21
Inverse links to the subject.
| Property | Subject |
|---|---|
|
Relates a concept to a concept that is more specific in meaning. |
Resultaten 1 - 1 of 1