Direct links from the subject.
| Property | Value |
|---|---|
|
The subject is an instance of a class. |
|
|
The subject is an instance of a class. |
An idea or notion; a unit of thought. |
|
A human-readable name for the subject. |
GV.RR-02.1: Information security and cybersecurity roles, responsibilities and authorities for employees, suppliers, customers, and partners shall be documented, reviewed, author- ised, kept up to date, communicated, and coordinated internally and externally. |
|
GV.RR-02.1 |
|
|
http://cyfun.data.gift/data/loc_CyFun2025_Booklet_ESSENTIAL_E_p24 |
|
|
http://cyfun.data.gift/data/loc_CyFun2025_Booklet_IMPORTANT_E_p20 |
|
|
Relates a concept to a concept that is more general in meaning. |
|
|
A general note, for any purpose. |
The goal of this control is to ensure response and recovery plans remain effective by assigning roles and responsibility for their regular review and adaptation to evolving risks. To implement this control, the following elements should be considered: • Define and Assign Responsibilities o Assign clear roles for maintaining, reviewing, and updating response and recovery plans. o Ensure responsible individuals have the authority and resources to act on identified changes. o Designate a central coordinator or team to oversee the update process and ensure accountability. • Understand and Monitor Organisational Context o Regularly assess internal and external factors such as: - Organisational structure and critical systems - Emerging threats and vulnerabilities - Regulatory changes and market dynamics - Lessons learned from incidents, tests, or exercises • Update Plans Based on Contextual Changes o Revise plans to reflect: - New or evolving threats - Changes in technology or infrastructure - Operational challenges or gaps identified during testing o Updates may include contact lists, communication protocols, escalation paths, and resource allocations. • Communicate and Train o Ensure all relevant stakeholders are informed of updates. o Provide training or briefings to clarify roles and responsibilities in the revised plans. • Test and Improve o Conduct regular exercises and simulations to validate the effectiveness of updated plans. o Use results to identify gaps and drive continuous improvement. • Continuous Review Cycle o Establish a review schedule (e.g. quarterly or after major changes). o Integrate plan updates with broader risk management and governance processes. |
|
A general note, for any purpose. |
The goal of this control is to ensure response and recovery plans remain effective by assigning roles and responsibility for their regular review and adaptation to evolving risks. To implement this control, the following elements should be considered: - Define and Assign Responsibilities - Assign clear roles for maintaining, reviewing, and updating response and recovery plans. - Ensure responsible individuals have the authority and resources to act on identified changes. - Designate a central coordinator or team to oversee the update process and ensure accountability. - Understand and Monitor Organisational Context - Regularly assess internal and external factors such as: - Organisational structure and critical systems - Emerging threats and vulnerabilities - Regulatory changes and market dynamics - Lessons learned from incidents, tests, or exercises - Update Plans Based on Contextual Changes - Revise plans to reflect: - New or evolving threats - Changes in technology or infrastructure - Operational challenges or gaps identified during testing - Updates may include contact lists, communication protocols, escalation paths, and resource allocations. - Communicate and Train - Ensure all relevant stakeholders are informed of updates. - Provide training or briefings to clarify roles and responsibilities in the revised plans. - Test and Improve - Conduct regular exercises and simulations to validate the effectiveness of updated plans. - Use results to identify gaps and drive continuous improvement. - Continuous Review Cycle - Establish a review schedule (e.g. quarterly or after major changes). - Integrate plan updates with broader risk management and governance processes. |
|
A general note, for any purpose. |
<div><p>The goal of this control is to ensure response and recovery plans remain effective by assigning roles and responsibility for their regular review and adaptation to evolving risks. To implement this control, the following elements should be considered:</p><ul><li>Define and Assign Responsibilities<ul><li>Assign clear roles for maintaining, reviewing, and updating response and recovery plans.</li><li>Ensure responsible individuals have the authority and resources to act on identified changes.</li><li>Designate a central coordinator or team to oversee the update process and ensure accountability.</li></ul></li><li>Understand and Monitor Organisational Context<ul><li>Regularly assess internal and external factors such as:<ul><li>Organisational structure and critical systems</li><li>Emerging threats and vulnerabilities</li><li>Regulatory changes and market dynamics</li><li>Lessons learned from incidents, tests, or exercises</li></ul></li></ul></li><li>Update Plans Based on Contextual Changes<ul><li>Revise plans to reflect:<ul><li>New or evolving threats</li><li>Changes in technology or infrastructure</li><li>Operational challenges or gaps identified during testing</li></ul></li><li>Updates may include contact lists, communication protocols, escalation paths, and resource allocations.</li></ul></li><li>Communicate and Train<ul><li>Ensure all relevant stakeholders are informed of updates.</li><li>Provide training or briefings to clarify roles and responsibilities in the revised plans.</li></ul></li><li>Test and Improve<ul><li>Conduct regular exercises and simulations to validate the effectiveness of updated plans.</li><li>Use results to identify gaps and drive continuous improvement.</li></ul></li><li>Continuous Review Cycle<ul><li>Establish a review schedule (e.g. quarterly or after major changes).</li><li>Integrate plan updates with broader risk management and governance processes.</li></ul></li></ul></div> |
|
A general note, for any purpose. |
The goal of this control is to ensure response and recovery plans remain effective by assigning roles and responsibility for their regular review and adaptation to evolving risks. To implement this control, the following elements should be considered: - Define and Assign Responsibilities - Assign clear roles for maintaining, reviewing, and updating response and recovery plans. - Ensure responsible individuals have the authority and resources to act on identified changes. - Designate a central coordinator or team to oversee the update process and ensure accountability. - Understand and Monitor Organisational Context - Regularly assess internal and external factors such as: - Organisational structure and critical systems - Emerging threats and vulnerabilities - Regulatory changes and market dynamics - Lessons learned from incidents, tests, or exercises - Update Plans Based on Contextual Changes - Revise plans to reflect: - New or evolving threats - Changes in technology or infrastructure - Operational challenges or gaps identified during testing - Updates may include contact lists, communication protocols, escalation paths, and resource allocations. - Communicate and Train - Ensure all relevant stakeholders are informed of updates. - Provide training or briefings to clarify roles and responsibilities in the revised plans. - Test and Improve - Conduct regular exercises and simulations to validate the effectiveness of updated plans. - Use results to identify gaps and drive continuous improvement. - Continuous Review Cycle - Establish a review schedule (e.g. quarterly or after major changes). - Integrate plan updates with broader risk management and governance processes. |
|
A notation, also known as classification code, is a string of characters such as "T58.5" or "303.4833" used to uniquely identify a concept within the scope of a given concept scheme. |
GV.RR-02.1 |
|
skos:prefLabel, skos:altLabel and skos:hiddenLabel are pairwise disjoint properties. |
Cybersecurity roles and responsibilities |
|
A resource has no more than one value of skos:prefLabel per language tag, and no more than one value of skos:prefLabel without language tag. |
Information security and cybersecurity roles, responsibilities and authorities for employees, suppliers, customers, and partners shall be documented, reviewed, author- ised, kept up to date, communicated, and coordinated internally and externally. |
|
Relates a resource (for example a concept) to a concept scheme in which it is included. |
|
|
Relates a resource (for example a concept) to a concept scheme in which it is included. |
|
|
Relates a resource (for example a concept) to a concept scheme in which it is included. |
|
|
Relates a resource (for example a concept) to a concept scheme in which it is included. |
http://cyfun.data.gift/data/CyFun2025_delta_BASIC_to_IMPORTANT |
|
Relates a resource (for example a concept) to a concept scheme in which it is included. |
|
|
Relates a resource (for example a concept) to a concept scheme in which it is included. |
|
|
1 |
|
|
The number of triples associated with the subject. |
22 |
|
Specifies the dataset the subject is part of. |
Resultaten 1 - 24 of 24
Inverse links to the subject.
| Property | Subject |
|---|---|
|
Relates a concept to a concept that is more specific in meaning. |
Resultaten 1 - 1 of 1