💼 GV.OC-05: Outcomes, capabilities, and services that the organization depends on are understood and communicated

• ID: /frameworks/nist-csf-v2.0/gv-oc/05

Description

1. Create an inventory of the organization's dependencies on external resources (e.g., facilities, cloud-based hosting providers) and their relationships to organizational assets and business functions
2. Identify and document external dependencies that are potential points of failure for the organization's critical capabilities and services, and share that information with appropriate personnel

Similar

• Sections
  • /frameworks/nist-csf-v1.1/id-be/01
  • /frameworks/nist-csf-v1.1/id-be/04
  • /frameworks/nist-sp-800-53-r5/pm/11
  • /frameworks/nist-sp-800-53-r5/pm/30
  • /frameworks/nist-sp-800-53-r5/ra/07
  • /frameworks/nist-sp-800-53-r5/sa/09
  • /frameworks/nist-sp-800-53-r5/sr/05

Similar Sections (Take Policies From)

Section	Sub Sections	Internal Rules	Policies	Flags	Compliance
💼 NIST CSF v1.1 → 💼 ID.BE-1: The organization's role in the supply chain is identified and communicated					no data
💼 NIST CSF v1.1 → 💼 ID.BE-4: Dependencies and critical functions for delivery of critical services are established			3		no data
💼 NIST SP 800-53 Revision 5 → 💼 PM-11 Mission and Business Process Definition					no data
💼 NIST SP 800-53 Revision 5 → 💼 PM-30 Supply Chain Risk Management Strategy	1				no data
💼 NIST SP 800-53 Revision 5 → 💼 RA-7 Risk Response					no data
💼 NIST SP 800-53 Revision 5 → 💼 SA-9 External System Services	8	1	1		no data
💼 NIST SP 800-53 Revision 5 → 💼 SR-5 Acquisition Strategies, Tools, and Methods	2				no data

Sub Sections

Section	Sub Sections	Internal Rules	Policies	Flags	Compliance

Policies (3)

Policy	Logic Count	Flags	Compliance
🛡️ AWS S3 Bucket Versioning is not enabled🟢	1	🟢 x6	no data
🛡️ Azure PostgreSQL Flexible Server connection_throttle.enable Parameter is not set to ON🟢	1	🟢 x6	no data
🛡️ Azure Storage Blob Containers Soft Delete is not enabled🟢	1	🟢 x6	no data