Skip to main content

πŸ’Ό GV.OC-01: The organizational mission is understood and informs cybersecurity risk management

  • Contextual name: πŸ’Ό GV.OC-01: The organizational mission is understood and informs cybersecurity risk management
  • ID: /frameworks/nist-csf-v2.0/gv-oc/01
  • Located in: πŸ’Ό Organizational Context (GV.OC)

Description​

Share the organization's mission (e.g., through vision and mission statements, marketing, and service strategies) to provide a basis for identifying risks that may impede that mission.

Similar​

  • Sections
    • /frameworks/nist-csf-v1.1/id-be/02
    • /frameworks/nist-csf-v1.1/id-be/03
    • /frameworks/nist-sp-800-53-r5/pm/11

Similar Sections (Take Policies From)​

SectionSub SectionsInternal RulesPoliciesFlags
πŸ’Ό NIST CSF v1.1 β†’ πŸ’Ό ID.BE-2: The organization's place in critical infrastructure and its industry sector is identified and communicated
πŸ’Ό NIST CSF v1.1 β†’ πŸ’Ό ID.BE-3: Priorities for organizational mission, objectives, and activities are established and communicated
πŸ’Ό NIST SP 800-53 Revision 5 β†’ πŸ’Ό PM-11 Mission and Business Process Definition

Sub Sections​

SectionSub SectionsInternal RulesPoliciesFlags