Direct links from the subject.
| Property | Value |
|---|---|
|
The subject is an instance of a class. |
|
|
The subject is an instance of a class. |
An idea or notion; a unit of thought. |
|
A human-readable name for the subject. |
ID.IM-03.8: The organisation shall ensure that the security plan for its critical systems facilitates the review, testing, and continual improvement of the security protection processes. |
|
ID.IM-03.8 |
|
|
http://cyfun.data.gift/data/loc_CyFun2025_Booklet_ESSENTIAL_E_p78 |
|
|
Relates a concept to a concept that is more general in meaning. |
|
|
A general note, for any purpose. |
The goal of this control is to ensure that the organisation’s security plan for critical systems supports regular review, testing, and continuous improvement of protection measures. In Operational Technology (OT) envi- ronments, this helps maintain system integrity, adapt to evolving threats, and align with broader risk manage- ment efforts. To achieve this goal, the organisation should: • Develop and Maintain a Security Plan A documented plan should describe how critical systems are protected from security threats. It should be distinct from, but aligned with, the Risk Treatment Plan. • Focus on Operational and Technical Controls The plan should include defined security objectives, assigned responsibilities, security architecture, control measures, and procedures for monitoring, testing, and reviewing controls. • Enable Regular Review and Testing The plan should support scheduled reviews, vulnerability assessments, and penetration testing to evaluate the effectiveness of security measures. • Support Continuous Improvement Updates should be based on lessons learned, threat intelligence, audit results, and changes in the threat landscape. • Integrate with Risk Management The plan should align with the organisation’s risk treatment and governance processes to ensure consist- ency and accountability. • Keep the Plan Up to Date The plan should be reviewed and updated regularly to reflect system changes, new threats, and evolving operational needs. |
|
A general note, for any purpose. |
The goal of this control is to ensure that the organisation’s security plan for critical systems supports regular review, testing, and continuous improvement of protection measures. In Operational Technology (OT) envi- ronments, this helps maintain system integrity, adapt to evolving threats, and align with broader risk manage- ment efforts. To achieve this goal, the organisation should: - Develop and Maintain a Security Plan A documented plan should describe how critical systems are protected from security threats. It should be distinct from, but aligned with, the Risk Treatment Plan. - Focus on Operational and Technical Controls The plan should include defined security objectives, assigned responsibilities, security architecture, control measures, and procedures for monitoring, testing, and reviewing controls. - Enable Regular Review and Testing The plan should support scheduled reviews, vulnerability assessments, and penetration testing to evaluate the effectiveness of security measures. - Support Continuous Improvement Updates should be based on lessons learned, threat intelligence, audit results, and changes in the threat landscape. - Integrate with Risk Management The plan should align with the organisation’s risk treatment and governance processes to ensure consist- ency and accountability. - Keep the Plan Up to Date The plan should be reviewed and updated regularly to reflect system changes, new threats, and evolving operational needs. |
|
A general note, for any purpose. |
<div><p>The goal of this control is to ensure that the organisation’s security plan for critical systems supports regular review, testing, and continuous improvement of protection measures. In Operational Technology (OT) envi- ronments, this helps maintain system integrity, adapt to evolving threats, and align with broader risk manage- ment efforts. To achieve this goal, the organisation should:</p><ul><li>Develop and Maintain a Security Plan A documented plan should describe how critical systems are protected from security threats. It should be distinct from, but aligned with, the Risk Treatment Plan.</li><li>Focus on Operational and Technical Controls The plan should include defined security objectives, assigned responsibilities, security architecture, control measures, and procedures for monitoring, testing, and reviewing controls.</li><li>Enable Regular Review and Testing The plan should support scheduled reviews, vulnerability assessments, and penetration testing to evaluate the effectiveness of security measures.</li><li>Support Continuous Improvement Updates should be based on lessons learned, threat intelligence, audit results, and changes in the threat landscape.</li><li>Integrate with Risk Management The plan should align with the organisation’s risk treatment and governance processes to ensure consist- ency and accountability.</li><li>Keep the Plan Up to Date The plan should be reviewed and updated regularly to reflect system changes, new threats, and evolving operational needs.</li></ul></div> |
|
A general note, for any purpose. |
The goal of this control is to ensure that the organisation’s security plan for critical systems supports regular review, testing, and continuous improvement of protection measures. In Operational Technology (OT) envi- ronments, this helps maintain system integrity, adapt to evolving threats, and align with broader risk manage- ment efforts. To achieve this goal, the organisation should: - Develop and Maintain a Security Plan A documented plan should describe how critical systems are protected from security threats. It should be distinct from, but aligned with, the Risk Treatment Plan. - Focus on Operational and Technical Controls The plan should include defined security objectives, assigned responsibilities, security architecture, control measures, and procedures for monitoring, testing, and reviewing controls. - Enable Regular Review and Testing The plan should support scheduled reviews, vulnerability assessments, and penetration testing to evaluate the effectiveness of security measures. - Support Continuous Improvement Updates should be based on lessons learned, threat intelligence, audit results, and changes in the threat landscape. - Integrate with Risk Management The plan should align with the organisation’s risk treatment and governance processes to ensure consist- ency and accountability. - Keep the Plan Up to Date The plan should be reviewed and updated regularly to reflect system changes, new threats, and evolving operational needs. |
|
A notation, also known as classification code, is a string of characters such as "T58.5" or "303.4833" used to uniquely identify a concept within the scope of a given concept scheme. |
ID.IM-03.8 |
|
skos:prefLabel, skos:altLabel and skos:hiddenLabel are pairwise disjoint properties. |
Security plan continual improvement |
|
A resource has no more than one value of skos:prefLabel per language tag, and no more than one value of skos:prefLabel without language tag. |
The organisation shall ensure that the security plan for its critical systems facilitates the review, testing, and continual improvement of the security protection processes. |
|
Relates a resource (for example a concept) to a concept scheme in which it is included. |
|
|
Relates a resource (for example a concept) to a concept scheme in which it is included. |
http://cyfun.data.gift/data/CyFun2025_delta_IMPORTANT_to_ESSENTIAL |
|
Relates a resource (for example a concept) to a concept scheme in which it is included. |
|
|
The number of triples associated with the subject. |
17 |
|
Specifies the dataset the subject is part of. |
Resultaten 1 - 19 of 19
Inverse links to the subject.
| Property | Subject |
|---|---|
|
Relates a concept to a concept that is more specific in meaning. |
Resultaten 1 - 1 of 1