|
GV.RM: Risk Management Strategy
|
http://cyfun.data.gift/data/category_GV.RM
|
29 |
|
GV.RM: Risk Management Strategy
|
http://cyfun.data.gift/data/nist_category_GV_RM
|
5 |
|
GV.RR-01.1: Organisation's top management shall be responsible and accountable for cyber- security risk and shall foster a culture that is risk-aware, ethical, and continually improving.
|
http://cyfun.data.gift/data/requirement_GV_RR_01_1
|
17 |
|
GV.RR-01: Organizational leadership is responsible and accountable for cybersecurity risk and fosters a culture that is risk-aware, ethical, and continually improving
|
http://cyfun.data.gift/data/nist_subcategory_GV_RR_01
|
5 |
|
GV.RR-01: Organizational leadership is responsible and accountable for cybersecurity risk and fosters a culture that is risk-aware, ethical, and continually improving
|
http://cyfun.data.gift/data/subcategory_GV.RR-01
|
13 |
|
GV.RR-02.1: Information security and cybersecurity roles, responsibilities and authorities for employees, suppliers, customers, and partners shall be documented, reviewed, author- ised, kept up to date, communicated, and coordinated internally and externally.
|
http://cyfun.data.gift/data/requirement_GV_RR_02_1
|
22 |
|
GV.RR-02.2: The organisation shall appoint a senior-level executive information security officer.
|
http://cyfun.data.gift/data/requirement_GV_RR_02_2
|
18 |
|
GV.RR-02: Roles, responsibilities, and authorities related to cybersecurity risk management are established, communicated, understood, and enforced
|
http://cyfun.data.gift/data/nist_subcategory_GV_RR_02
|
5 |
|
GV.RR-02: Roles, responsibilities, and authorities related to cybersecurity risk management are established, communicated, understood, and enforced
|
http://cyfun.data.gift/data/subcategory_GV.RR-02
|
17 |
|
GV.RR-03: Adequate resources are allocated commensurate with the cybersecurity risk strategy, roles, responsibilities, and policies
|
http://cyfun.data.gift/data/nist_subcategory_GV_RR_03
|
5 |
|
GV.RR-03: Adequate resources are allocated commensurate with the cybersecurity risk strategy, roles, responsibilities, and policies
|
http://cyfun.data.gift/data/subcategory_GV.RR-03
|
15 |
|
GV.RR-04.1: Personnel with access to the organisation’s most critical information or technology shall be authenticated.
|
http://cyfun.data.gift/data/requirement_GV_RR_04_1
|
21 |