NIST CSF: ID.GV-1 Subcategory
From NIST's Cyber Security Framework (version 1):
Organizational cybersecurity policy is established and communicated
Cyber Threat Graph Context
Explore how this control relates to the wider threat graph
Related ISO 27001 Controls
Annex A controls from ISO 27001 (2013) which are related to this CSF subcategory, taken from mappings by NIST and additional data from Ofgem.
-
Policies for information Security (5.1.1)
ISO 27001:2013
CSF Mapped to the NCSC CAF
Cyber Assessment Framework mappings generated from UK Cabinet Office data.
| Control ID | Name | Description |
|---|---|---|
| B1.b | Policy and Process Implementation | You have successfully implemented your security policies and processes and can demonstrate the security benefits achieved. |
| A1.a | Board Direction | You have effective organisational security management led at board level and articulated clearly in corresponding policies. |
| B1.a | Policy and Process Development | You have developed and continue to improve a set of cyber security and resilience policies and processes that manage and mitigate the risk of adverse impact on the essential function. |