Skip to main content

💼 ID.GV-3: Legal and regulatory requirements regarding cybersecurity, including privacy and civil liberties obligations, are understood and managed

  • Contextual name: 💼 ID.GV-3: Legal and regulatory requirements regarding cybersecurity, including privacy and civil liberties obligations, are understood and managed
  • ID: /frameworks/nist-csf-v1.1/id-gv/03
  • Located in: 💼 Governance (ID.GV)

Description

Empty...

Similar

  • Sections
    • /frameworks/iso-iec-27001-2013/18/01/01
    • /frameworks/iso-iec-27001-2013/18/01/02
    • /frameworks/iso-iec-27001-2013/18/01/03
    • /frameworks/iso-iec-27001-2013/18/01/04
    • /frameworks/iso-iec-27001-2013/18/01/05
    • /frameworks/nist-sp-800-53-r4/ac/01
    • /frameworks/nist-sp-800-53-r4/at/01
    • /frameworks/nist-sp-800-53-r4/au/01
    • /frameworks/nist-sp-800-53-r4/ca/01
    • /frameworks/nist-sp-800-53-r4/cm/01
    • /frameworks/nist-sp-800-53-r4/cp/01
    • /frameworks/nist-sp-800-53-r4/ia/01
    • /frameworks/nist-sp-800-53-r4/ir/01
    • /frameworks/nist-sp-800-53-r4/ma/01
    • /frameworks/nist-sp-800-53-r4/mp/01
    • /frameworks/nist-sp-800-53-r4/pe/01
    • /frameworks/nist-sp-800-53-r4/pl/01
    • /frameworks/nist-sp-800-53-r4/ps/01
    • /frameworks/nist-sp-800-53-r4/ra/01
    • /frameworks/nist-sp-800-53-r4/sa/01
    • /frameworks/nist-sp-800-53-r4/sc/01
    • /frameworks/nist-sp-800-53-r4/si/01
  • Internal
    • ID: dec-c-df8cc0ef

Similar Sections (Take Policies From)

SectionSub SectionsInternal RulesPoliciesFlags
💼 ISO/IEC 27001:2013 → 💼 A.18.1.1 Identification of applicable legislation and contractual requirements
💼 ISO/IEC 27001:2013 → 💼 A.18.1.2 Intellectual property rights
💼 ISO/IEC 27001:2013 → 💼 A.18.1.3 Protection of records13
💼 ISO/IEC 27001:2013 → 💼 A.18.1.4 Privacy and protection of personally identifiable information
💼 ISO/IEC 27001:2013 → 💼 A.18.1.5 Regulation of cryptographic controls
💼 NIST SP 800-53 Revision 4 → 💼 AC-1 ACCESS CONTROL POLICY AND PROCEDURES
💼 NIST SP 800-53 Revision 4 → 💼 AT-1 SECURITY AWARENESS AND TRAINING POLICY AND PROCEDURES
💼 NIST SP 800-53 Revision 4 → 💼 AU-1 AUDIT AND ACCOUNTABILITY POLICY AND PROCEDURES
💼 NIST SP 800-53 Revision 4 → 💼 CA-1 SECURITY ASSESSMENT AND AUTHORIZATION POLICY AND PROCEDURES
💼 NIST SP 800-53 Revision 4 → 💼 CM-1 CONFIGURATION MANAGEMENT POLICY AND PROCEDURES
💼 NIST SP 800-53 Revision 4 → 💼 CP-1 CONTINGENCY PLANNING POLICY AND PROCEDURES
💼 NIST SP 800-53 Revision 4 → 💼 IA-1 IDENTIFICATION AND AUTHENTICATION POLICY AND PROCEDURES
💼 NIST SP 800-53 Revision 4 → 💼 IR-1 INCIDENT RESPONSE POLICY AND PROCEDURES
💼 NIST SP 800-53 Revision 4 → 💼 MA-1 SYSTEM MAINTENANCE POLICY AND PROCEDURES
💼 NIST SP 800-53 Revision 4 → 💼 MP-1 MEDIA PROTECTION POLICY AND PROCEDURES
💼 NIST SP 800-53 Revision 4 → 💼 PE-1 PHYSICAL AND ENVIRONMENTAL PROTECTION POLICY AND PROCEDURES
💼 NIST SP 800-53 Revision 4 → 💼 PL-1 SECURITY PLANNING POLICY AND PROCEDURES
💼 NIST SP 800-53 Revision 4 → 💼 PS-1 PERSONNEL SECURITY POLICY AND PROCEDURES
💼 NIST SP 800-53 Revision 4 → 💼 RA-1 RISK ASSESSMENT POLICY AND PROCEDURES
💼 NIST SP 800-53 Revision 4 → 💼 SA-1 SYSTEM AND SERVICES ACQUISITION POLICY AND PROCEDURES
💼 NIST SP 800-53 Revision 4 → 💼 SC-1 SYSTEM AND COMMUNICATIONS PROTECTION POLICY AND PROCEDURES
💼 NIST SP 800-53 Revision 4 → 💼 SI-1 SYSTEM AND INFORMATION INTEGRITY POLICY AND PROCEDURES

Similar Sections (Give Policies To)

SectionSub SectionsInternal RulesPoliciesFlags
💼 NIST CSF v2.0 → 💼 GV.OC-03: Legal, regulatory, and contractual requirements regarding cybersecurity - including privacy and civil liberties obligations - are understood and managed6

Sub Sections

SectionSub SectionsInternal RulesPoliciesFlags

Policies (3)

PolicyLogic CountFlags
📝 AWS CloudTrail Log File Validation is not enabled 🟢1🟢 x6
📝 Google Logging Log Sink exports logs to a Storage Bucket without Bucket Lock 🟢1🟢 x6
📝 Google Logging Log Sink for All Log Entries is not configured 🟢1🟢 x6

Internal Rules

RulePoliciesFlags
✉️ dec-x-b1e1a4941