Skip to main content

💼 Risk Assessment (ID.RA)

Contextual name: 💼 Risk Assessment (ID.RA)
ID: /frameworks/nist-csf-v1.1/id-ra
Located in: 💼 NIST CSF v1.1

Description

The organization understands the cybersecurity risk to organizational operations (including mission, functions, image, or reputation), organizational assets, and individuals.

Similar

Internal
- ID: dec-b-afcc5fcd

Sub Sections

Section	Sub Sections	Internal Rules	Policies	Flags
💼 ID.RA-1: Asset vulnerabilities are identified and documented		13	15
💼 ID.RA-2: Cyber threat intelligence is received from information sharing forums and sources
💼 ID.RA-3: Threats, both internal and external, are identified and documented		7	7
💼 ID.RA-4: Potential business impacts and likelihoods are identified		7	7
💼 ID.RA-5: Threats, vulnerabilities, likelihoods, and impacts are used to determine risk		7	7
💼 ID.RA-6: Risk responses are identified and prioritized

Description
Similar
Sub Sections