πΌ GV.OC-05: Outcomes, capabilities, and services that the organization depends on are understood and communicated
- Contextual name: πΌ GV.OC-05: Outcomes, capabilities, and services that the organization depends on are understood and communicated
- ID:
/frameworks/nist-csf-v2.0/gv-oc/05 - Located in: πΌ Organizational Context (GV.OC)
Descriptionβ
- Create an inventory of the organization's dependencies on external resources (e.g., facilities, cloud-based hosting providers) and their relationships to organizational assets and business functions
- Identify and document external dependencies that are potential points of failure for the organization's critical capabilities and services, and share that information with appropriate personnel
Similarβ
- Sections
/frameworks/nist-csf-v1.1/id-be/01/frameworks/nist-csf-v1.1/id-be/04/frameworks/nist-sp-800-53-r5/pm/11/frameworks/nist-sp-800-53-r5/pm/30/frameworks/nist-sp-800-53-r5/ra/07/frameworks/nist-sp-800-53-r5/sa/09/frameworks/nist-sp-800-53-r5/sr/05
Similar Sections (Take Policies From)β
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|---|---|---|---|
| πΌ NIST CSF v1.1 β πΌ ID.BE-1: The organization's role in the supply chain is identified and communicated | ||||
| πΌ NIST CSF v1.1 β πΌ ID.BE-4: Dependencies and critical functions for delivery of critical services are established | 4 | |||
| πΌ NIST SP 800-53 Revision 5 β πΌ PM-11 Mission and Business Process Definition | ||||
| πΌ NIST SP 800-53 Revision 5 β πΌ PM-30 Supply Chain Risk Management Strategy | 1 | |||
| πΌ NIST SP 800-53 Revision 5 β πΌ RA-7 Risk Response | ||||
| πΌ NIST SP 800-53 Revision 5 β πΌ SA-9 External System Services | 8 | 1 | 1 | |
| πΌ NIST SP 800-53 Revision 5 β πΌ SR-5 Acquisition Strategies, Tools, and Methods | 2 |
Sub Sectionsβ
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|
Policies (4)β
| Policy | Logic Count | Flags |
|---|---|---|
| π AWS Account Multi-Region CloudTrail is not enabled π’ | 1 | π’ x6 |
| π AWS S3 Bucket Versioning is not enabled π’ | 1 | π’ x6 |
| π Azure PostgreSQL Flexible Server connection_throttle.enable Parameter is not set to ON π’ | 1 | π’ x6 |
| π Azure Storage Blob Containers Soft Delete is not enabled π’ | 1 | π’ x6 |