💼 GV.OV-02: The cybersecurity risk management strategy is reviewed and adjusted to ensure coverage of organizational requirements and risks
- ID:
/frameworks/nist-csf-v2.0/gv-ov/02
Description​
- Review audit findings to confirm whether the existing cybersecurity strategy has ensured compliance with internal and external requirements
- Review the performance oversight of those in cybersecurity-related roles to determine whether policy changes are necessary
- Review strategy in light of cybersecurity incidents
Similar​
- Sections
/frameworks/nist-sp-800-53-r5/pm/09/frameworks/nist-sp-800-53-r5/pm/19/frameworks/nist-sp-800-53-r5/pm/30/frameworks/nist-sp-800-53-r5/pm/31/frameworks/nist-sp-800-53-r5/ra/07/frameworks/nist-sp-800-53-r5/sr/06
Similar Sections (Take Policies From)​
| Section | Sub Sections | Internal Rules | Policies | Flags | Compliance |
|---|---|---|---|---|---|
| 💼 NIST SP 800-53 Revision 5 → 💼 PM-9 Risk Management Strategy | no data | ||||
| 💼 NIST SP 800-53 Revision 5 → 💼 PM-19 Privacy Program Leadership Role | no data | ||||
| 💼 NIST SP 800-53 Revision 5 → 💼 PM-30 Supply Chain Risk Management Strategy | 1 | no data | |||
| 💼 NIST SP 800-53 Revision 5 → 💼 PM-31 Continuous Monitoring Strategy | no data | ||||
| 💼 NIST SP 800-53 Revision 5 → 💼 RA-7 Risk Response | no data | ||||
| 💼 NIST SP 800-53 Revision 5 → 💼 SR-6 Supplier Assessments and Reviews | 1 | no data |
Sub Sections​
| Section | Sub Sections | Internal Rules | Policies | Flags | Compliance |
|---|