💼 Policy (GV.PO)

Description

Organizational cybersecurity policy is established, communicated, and enforced

Section	Sub Sections	Internal Rules	Policies	Flags
💼 GV.PO-01: Policy for managing cybersecurity risks is established based on organizational context, cybersecurity strategy, and priorities and is communicated and enforced			3
💼 GV.PO-02: Policy for managing cybersecurity risks is reviewed, updated, communicated, and enforced to reflect changes in requirements, threats, technology, and organizational mission			3