πΌ GV.OV-03: Organizational cybersecurity risk management performance is evaluated and reviewed for adjustments needed
- Contextual name: πΌ GV.OV-03: Organizational cybersecurity risk management performance is evaluated and reviewed for adjustments needed
- ID:
/frameworks/nist-csf-v2.0/gv-ov/03 - Located in: πΌ Oversight (GV.OV)
Descriptionβ
- Review key performance indicators (KPIs) to ensure that organization-wide policies and procedures achieve objectives
- Review key risk indicators (KRIs) to identify risks the organization faces, including likelihood and potential impact
- Collect and communicate metrics on cybersecurity risk management with senior leadership
Similarβ
- Sections
/frameworks/nist-sp-800-53-r5/pm/04/frameworks/nist-sp-800-53-r5/pm/06/frameworks/nist-sp-800-53-r5/ra/07/frameworks/nist-sp-800-53-r5/sr/06
Similar Sections (Take Policies From)β
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|---|---|---|---|
| πΌ NIST SP 800-53 Revision 5 β πΌ PM-4 Plan of Action and Milestones Process | ||||
| πΌ NIST SP 800-53 Revision 5 β πΌ PM-6 Measures of Performance | ||||
| πΌ NIST SP 800-53 Revision 5 β πΌ RA-7 Risk Response | ||||
| πΌ NIST SP 800-53 Revision 5 β πΌ SR-6 Supplier Assessments and Reviews | 1 |
Sub Sectionsβ
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|