💼 Policy (GV.PO)

• Contextual name: 💼 Policy (GV.PO)
• ID: /frameworks/nist-csf-v2.0/gv-po
• Located in: 💼 NIST CSF v2.0

Description

Organizational cybersecurity policy is established, communicated, and enforced

Similar

Sub Sections

Section	Sub Sections	Internal Rules	Policies	Flags
💼 GV.PO-01: Policy for managing cybersecurity risks is established based on organizational context, cybersecurity strategy, and priorities and is communicated and enforced
💼 GV.PO-02: Policy for managing cybersecurity risks is reviewed, updated, communicated, and enforced to reflect changes in requirements, threats, technology, and organizational mission