💼 GV.OV-03: Organizational cybersecurity risk management performance is evaluated and reviewed for adjustments needed
- Contextual name: 💼 GV.OV-03: Organizational cybersecurity risk management performance is evaluated and reviewed for adjustments needed
- ID:
/frameworks/nist-csf-v2.0/gv-ov/03 - Located in: 💼 Oversight (GV.OV)
Description​
- Review key performance indicators (KPIs) to ensure that organization-wide policies and procedures achieve objectives
- Review key risk indicators (KRIs) to identify risks the organization faces, including likelihood and potential impact
- Collect and communicate metrics on cybersecurity risk management with senior leadership
Similar​
- Sections
/frameworks/nist-sp-800-53-r5/pm/04/frameworks/nist-sp-800-53-r5/pm/06/frameworks/nist-sp-800-53-r5/ra/07/frameworks/nist-sp-800-53-r5/sr/06
Similar Sections (Take Policies From)​
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|---|---|---|---|
| 💼 NIST SP 800-53 Revision 5 → 💼 PM-4 Plan of Action and Milestones Process | ||||
| 💼 NIST SP 800-53 Revision 5 → 💼 PM-6 Measures of Performance | ||||
| 💼 NIST SP 800-53 Revision 5 → 💼 RA-7 Risk Response | ||||
| 💼 NIST SP 800-53 Revision 5 → 💼 SR-6 Supplier Assessments and Reviews | 1 |
Sub Sections​
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|