Skip to main content

💼 GV.OV-02: The cybersecurity risk management strategy is reviewed and adjusted to ensure coverage of organizational requirements and risks

Contextual name: 💼 GV.OV-02: The cybersecurity risk management strategy is reviewed and adjusted to ensure coverage of organizational requirements and risks
ID: /frameworks/nist-csf-v2.0/gv-ov/02
Located in: 💼 Oversight (GV.OV)

Description

Review audit findings to confirm whether the existing cybersecurity strategy has ensured compliance with internal and external requirements
Review the performance oversight of those in cybersecurity-related roles to determine whether policy changes are necessary
Review strategy in light of cybersecurity incidents

Similar

Sections
- /frameworks/nist-sp-800-53-r5/pm/09
- /frameworks/nist-sp-800-53-r5/pm/19
- /frameworks/nist-sp-800-53-r5/pm/30
- /frameworks/nist-sp-800-53-r5/pm/31
- /frameworks/nist-sp-800-53-r5/ra/07
- /frameworks/nist-sp-800-53-r5/sr/06

Similar Sections (Take Policies From)

Section	Sub Sections	Internal Rules	Policies	Flags
💼 NIST SP 800-53 Revision 5 → 💼 PM-9 Risk Management Strategy
💼 NIST SP 800-53 Revision 5 → 💼 PM-19 Privacy Program Leadership Role
💼 NIST SP 800-53 Revision 5 → 💼 PM-30 Supply Chain Risk Management Strategy	1
💼 NIST SP 800-53 Revision 5 → 💼 PM-31 Continuous Monitoring Strategy
💼 NIST SP 800-53 Revision 5 → 💼 RA-7 Risk Response
💼 NIST SP 800-53 Revision 5 → 💼 SR-6 Supplier Assessments and Reviews	1

Sub Sections

Section	Sub Sections	Internal Rules	Policies	Flags

Description
Similar
Similar Sections (Take Policies From)
Sub Sections