Skip to main content

💼 GV.RM-01: Risk management objectives are established and agreed to by organizational stakeholders

ID: /frameworks/nist-csf-v2.0/gv-rm/01

Description

Update near-term and long-term cybersecurity risk management objectives as part of annual strategic planning and when major changes occur
Establish measurable objectives for cybersecurity risk management (e.g., manage the quality of user training, ensure adequate risk protection for industrial control systems)
Senior leaders agree about cybersecurity objectives and use them for measuring and managing risk and performance

Similar

Sections
- /frameworks/nist-csf-v1.1/id-rm/01
- /frameworks/nist-sp-800-53-r5/pm/09
- /frameworks/nist-sp-800-53-r5/ra/07
- /frameworks/nist-sp-800-53-r5/sr/02

Similar Sections (Take Policies From)

Section	Sub Sections	Internal Rules	Policies	Flags	Compliance
💼 NIST CSF v1.1 → 💼 ID.RM-1: Risk management processes are established, managed, and agreed to by organizational stakeholders					no data
💼 NIST SP 800-53 Revision 5 → 💼 PM-9 Risk Management Strategy					no data
💼 NIST SP 800-53 Revision 5 → 💼 RA-7 Risk Response					no data
💼 NIST SP 800-53 Revision 5 → 💼 SR-2 Supply Chain Risk Management Plan	1				no data

Sub Sections

Section	Sub Sections	Internal Rules	Policies	Flags	Compliance

Description
Similar
Similar Sections (Take Policies From)
Sub Sections