Direct links from the subject.
| Property | Value |
|---|---|
|
The subject is an instance of a class. |
|
|
The subject is an instance of a class. |
An idea or notion; a unit of thought. |
|
A human-readable name for the subject. |
GV.RM-02.1: Risk appetite and risk tolerance statements shall be defined, documented, approved by senior management, communicated, and maintained. |
|
GV.RM-02.1 |
|
|
http://cyfun.data.gift/data/loc_CyFun2025_Booklet_ESSENTIAL_E_p18 |
|
|
http://cyfun.data.gift/data/loc_CyFun2025_Booklet_IMPORTANT_E_p16 |
|
|
Relates a concept to a concept that is more general in meaning. |
|
|
A general note, for any purpose. |
The goal of GV.RM-02.1 is to ensure that an organisation has a clear and actionable understanding of its risk boundaries, which helps guide decision-making and risk management practices. The following should be considered to reach this goal: • Risk appetite is the amount and type of risk an organisation is willing to take or accept, and is strategic/ qualitative (Source: ISO/IEC 27005). • Risk tolerance is the acceptable deviation from the level set by the risk appetite and business objectives, and is tactical/quantitative (source: ISACA). • The organisation's risk appetite should take into account its role in critical infrastructure and its sector. • Organisations in the OT sector should take into account health, safety & environment priorities in the defi- nition of their risk appetite. • Risk appetite statements should be translated into specific, measurable, and broadly understandable risk tolerance statements (SMART). • Organisational objectives and risk appetite should be periodically refined based on known risk exposure and residual risk. • With AR-in-a-Box, ENISA, the European Union Agency for Cybersecurity, provides organisations with the essential tools and resources to effectivelyraise cybersecurityawarenesswithin theiroperations.This ENISA- Do-It-Yourself Toolbox contains a C-level guide. |
|
A general note, for any purpose. |
The goal of GV.RM-02.1 is to ensure that an organisation has a clear and actionable understanding of its risk boundaries, which helps guide decision-making and risk management practices. The following should be considered to reach this goal: - Risk appetite is the amount and type of risk an organisation is willing to take or accept, and is strategic/ qualitative (Source: ISO/IEC 27005). - Risk tolerance is the acceptable deviation from the level set by the risk appetite and business objectives, and is tactical/quantitative (source: ISACA). - The organisation's risk appetite should take into account its role in critical infrastructure and its sector. - Organisations in the OT sector should take into account health, safety & environment priorities in the defi- nition of their risk appetite. - Risk appetite statements should be translated into specific, measurable, and broadly understandable risk tolerance statements (SMART). - Organisational objectives and risk appetite should be periodically refined based on known risk exposure and residual risk. - With AR-in-a-Box, ENISA, the European Union Agency for Cybersecurity, provides organisations with the essential tools and resources to effectivelyraise cybersecurityawarenesswithin theiroperations.This ENISA- Do-It-Yourself Toolbox contains a C-level guide. |
|
A general note, for any purpose. |
The goal of GV.RM-02.1 is to ensure that an organisation has a clear and actionable understanding of its risk boundaries, which helps guide decision-making and risk management practices. The following should be considered to reach this goal: - Risk appetite is the amount and type of risk an organisation is willing to take or accept, and is strategic/ qualitative (Source: ISO/IEC 27005). - Risk tolerance is the acceptable deviation from the level set by the risk appetite and business objectives, and is tactical/quantitative (source: ISACA). - The organisation's risk appetite should take into account its role in critical infrastructure and its sector. - Organisations in the OT sector should take into account health, safety & environment priorities in the defi- nition of their risk appetite. - Risk appetite statements should be translated into specific, measurable, and broadly understandable risk tolerance statements (SMART). - Organisational objectives and risk appetite should be periodically refined based on known risk exposure and residual risk. - With AR-in-a-Box, ENISA, the European Union Agency for Cybersecurity, provides organisations with the essential tools and resources to effectivelyraise cybersecurityawarenesswithin theiroperations.This ENISA- Do-It-Yourself Toolbox contains a C-level guide. |
|
A general note, for any purpose. |
<div><p>The goal of GV.RM-02.1 is to ensure that an organisation has a clear and actionable understanding of its risk boundaries, which helps guide decision-making and risk management practices. The following should be considered to reach this goal:</p><ul><li>Risk appetite is the amount and type of risk an organisation is willing to take or accept, and is strategic/ qualitative (Source: ISO/IEC 27005).</li><li>Risk tolerance is the acceptable deviation from the level set by the risk appetite and business objectives, and is tactical/quantitative (source: ISACA).</li><li>The organisation's risk appetite should take into account its role in critical infrastructure and its sector.</li><li>Organisations in the OT sector should take into account health, safety & environment priorities in the defi- nition of their risk appetite.</li><li>Risk appetite statements should be translated into specific, measurable, and broadly understandable risk tolerance statements (SMART).</li><li>Organisational objectives and risk appetite should be periodically refined based on known risk exposure and residual risk.</li><li>With AR-in-a-Box, ENISA, the European Union Agency for Cybersecurity, provides organisations with the essential tools and resources to effectivelyraise cybersecurityawarenesswithin theiroperations.This ENISA- Do-It-Yourself Toolbox contains a C-level guide.</li></ul></div> |
|
A notation, also known as classification code, is a string of characters such as "T58.5" or "303.4833" used to uniquely identify a concept within the scope of a given concept scheme. |
GV.RM-02.1 |
|
skos:prefLabel, skos:altLabel and skos:hiddenLabel are pairwise disjoint properties. |
Risk appetite and tolerance statements |
|
A resource has no more than one value of skos:prefLabel per language tag, and no more than one value of skos:prefLabel without language tag. |
Risk appetite and risk tolerance statements shall be defined, documented, approved by senior management, communicated, and maintained. |
|
Relates a resource (for example a concept) to a concept scheme in which it is included. |
|
|
Relates a resource (for example a concept) to a concept scheme in which it is included. |
|
|
Relates a resource (for example a concept) to a concept scheme in which it is included. |
|
|
Relates a resource (for example a concept) to a concept scheme in which it is included. |
http://cyfun.data.gift/data/CyFun2025_delta_BASIC_to_IMPORTANT |
|
Relates a resource (for example a concept) to a concept scheme in which it is included. |
|
|
Relates a resource (for example a concept) to a concept scheme in which it is included. |
|
|
1 |
|
|
The number of triples associated with the subject. |
22 |
|
Specifies the dataset the subject is part of. |
Resultaten 1 - 24 of 24
Inverse links to the subject.
| Property | Subject |
|---|---|
|
Relates a concept to a concept that is more specific in meaning. |
Resultaten 1 - 1 of 1