NIST CSF: ID.RM-1 Subcategory

Risk management processes are established, managed, and agreed to by organizational stakeholders

Cyber Threat Graph Context

Explore how this control relates to the wider threat graph

Generated from NIST's SP800-53/CSF Crosswalk mappings.

Search:

Node
PM-9: Risk Management Strategy

Showing 1 to 1 of 1 entries

Annex A controls from ISO 27001 (2013) which are related to this CSF subcategory, taken from mappings by NIST and additional data from Ofgem.

Cyber Assessment Framework mappings generated from UK Cabinet Office data.

Search:

Control ID	Name	Description
A2.a	Risk Management Process	Your organisation has effective internal processes for managing risks to the security of network and information systems related to the operation of essential functions and communicating associated activities.
A1.c	Decision-making	You have senior-level accountability for the security of networks and information systems, and delegate decision-making authority appropriately and effectively. Risks to network and information systems related to the operation of essential functions are considered in the context of other organisational risks.

Showing 1 to 2 of 2 entries