Direct links from the subject.
| Property | Value |
|---|---|
|
The subject is an instance of a class. |
|
|
The subject is an instance of a class. |
An idea or notion; a unit of thought. |
|
A human-readable name for the subject. |
ID.RA-05.2: The organisation shall conduct and document risk assessments in which risk is determined by threats, vulnerabilities, impact on business processes and assets, and likelihood of their occurrence. |
|
ID.RA-05.2 |
|
|
http://cyfun.data.gift/data/loc_CyFun2025_Booklet_IMPORTANT_E_p50 |
|
|
http://cyfun.data.gift/data/loc_CyFun2025_Booklet_ESSENTIAL_E_p69 |
|
|
Relates a concept to a concept that is more general in meaning. |
|
|
A general note, for any purpose. |
The goal of this control is to ensure that risk assessments are conducted and documented using a structured approachthatconsidersthreats,vulnerabilities,businessimpact,andlikelihood.Thissupportsinformeddecision- making and prioritisation of cybersecurity efforts across both IT and OT environments. To achieve this goal, the organisation should: - Include Internal and External Threats Risk assessments should consider threats originating from within the organisation as well as from external actors. - Apply Recognised Risk Analysis Methods Qualitative and/or quantitative methods — such as the MAPGOOD model, ISO/IEC 27005, or the CIS Risk Assessment Method — should be used.These methods maybe supported byrisk management software tools. - Prioritise Based on Likelihood and Impact Cybersecurity resources and investments should be allocated based on the estimated likelihood of threats and the potential impact on business processes and critical assets. - Ensure OT-Specific Risk Considerations Risk assessments should account for OT-specific factors such as safety implications, system availability, legacy technologies, and operational constraints. |
|
A general note, for any purpose. |
The goal of this control is to ensure that risk assessments are conducted and documented using a structured approachthatconsidersthreats,vulnerabilities,businessimpact,andlikelihood.Thissupportsinformeddecision- making and prioritisation of cybersecurity efforts across both IT and OT environments. To achieve this goal, the organisation should: • Include Internal and External Threats Risk assessments should consider threats originating from within the organisation as well as from external actors. • Apply Recognised Risk Analysis Methods Qualitative and/or quantitative methods — such as the MAPGOOD model, ISO/IEC 27005, or the CIS Risk Assessment Method — should be used.These methods maybe supported byrisk management software tools. • Prioritise Based on Likelihood and Impact Cybersecurity resources and investments should be allocated based on the estimated likelihood of threats and the potential impact on business processes and critical assets. • Ensure OT-Specific Risk Considerations Risk assessments should account for OT-specific factors such as safety implications, system availability, legacy technologies, and operational constraints. |
|
A general note, for any purpose. |
<div><p>The goal of this control is to ensure that risk assessments are conducted and documented using a structured approachthatconsidersthreats,vulnerabilities,businessimpact,andlikelihood.Thissupportsinformeddecision- making and prioritisation of cybersecurity efforts across both IT and OT environments. To achieve this goal, the organisation should:</p><ul><li>Include Internal and External Threats Risk assessments should consider threats originating from within the organisation as well as from external actors.</li><li>Apply Recognised Risk Analysis Methods Qualitative and/or quantitative methods — such as the MAPGOOD model, ISO/IEC 27005, or the CIS Risk Assessment Method — should be used.These methods maybe supported byrisk management software tools.</li><li>Prioritise Based on Likelihood and Impact Cybersecurity resources and investments should be allocated based on the estimated likelihood of threats and the potential impact on business processes and critical assets.</li><li>Ensure OT-Specific Risk Considerations Risk assessments should account for OT-specific factors such as safety implications, system availability, legacy technologies, and operational constraints.</li></ul></div> |
|
A general note, for any purpose. |
The goal of this control is to ensure that risk assessments are conducted and documented using a structured approachthatconsidersthreats,vulnerabilities,businessimpact,andlikelihood.Thissupportsinformeddecision- making and prioritisation of cybersecurity efforts across both IT and OT environments. To achieve this goal, the organisation should: - Include Internal and External Threats Risk assessments should consider threats originating from within the organisation as well as from external actors. - Apply Recognised Risk Analysis Methods Qualitative and/or quantitative methods — such as the MAPGOOD model, ISO/IEC 27005, or the CIS Risk Assessment Method — should be used.These methods maybe supported byrisk management software tools. - Prioritise Based on Likelihood and Impact Cybersecurity resources and investments should be allocated based on the estimated likelihood of threats and the potential impact on business processes and critical assets. - Ensure OT-Specific Risk Considerations Risk assessments should account for OT-specific factors such as safety implications, system availability, legacy technologies, and operational constraints. |
|
A notation, also known as classification code, is a string of characters such as "T58.5" or "303.4833" used to uniquely identify a concept within the scope of a given concept scheme. |
ID.RA-05.2 |
|
skos:prefLabel, skos:altLabel and skos:hiddenLabel are pairwise disjoint properties. |
Documented risk assessment with likelihood |
|
A resource has no more than one value of skos:prefLabel per language tag, and no more than one value of skos:prefLabel without language tag. |
The organisation shall conduct and document risk assessments in which risk is determined by threats, vulnerabilities, impact on business processes and assets, and likelihood of their occurrence. |
|
Relates a resource (for example a concept) to a concept scheme in which it is included. |
|
|
Relates a resource (for example a concept) to a concept scheme in which it is included. |
|
|
Relates a resource (for example a concept) to a concept scheme in which it is included. |
|
|
Relates a resource (for example a concept) to a concept scheme in which it is included. |
http://cyfun.data.gift/data/CyFun2025_delta_BASIC_to_IMPORTANT |
|
Relates a resource (for example a concept) to a concept scheme in which it is included. |
|
|
Relates a resource (for example a concept) to a concept scheme in which it is included. |
|
|
1 |
|
|
The number of triples associated with the subject. |
22 |
|
Specifies the dataset the subject is part of. |
Resultaten 1 - 24 of 24
Inverse links to the subject.
| Property | Subject |
|---|---|
|
Relates a concept to a concept that is more specific in meaning. |
Resultaten 1 - 1 of 1