NIST CSF: ID.RA-6 Subcategory

From NIST's Cyber Security Framework (version 1):

Risk responses are identified and prioritized

Cyber Threat Graph Context

Explore how this control relates to the wider threat graph

CSF Mapped to SP800-53 Controls

Generated from NIST's SP800-53/CSF Crosswalk mappings.

Node
PM-9: Risk Management Strategy
PM-4: Plan of Action and Milestones Process

Related ISO 27001 Controls

Annex A controls from ISO 27001 (2013) which are related to this CSF subcategory, taken from mappings by NIST and additional data from Ofgem.

  • Contact with authorities (6.1.3)
    ISO 27001:2013

CSF Mapped to the NCSC CAF

Cyber Assessment Framework mappings generated from UK Cabinet Office data.

Control ID Name Description
A2.a Risk Management Process Your organisation has effective internal processes for managing risks to the security of network and information systems related to the operation of essential functions and communicating associated activities.
A2.b Assurance You have gained confidence in the effectiveness of the security of your technology, people, and processes relevant to essential functions.