Skip to main content

💼 GV.RM-07: Strategic opportunities (i.e., positive risks) are characterized and are included in organizational cybersecurity risk discussions

Contextual name: 💼 GV.RM-07: Strategic opportunities (i.e., positive risks) are characterized and are included in organizational cybersecurity risk discussions
ID: /frameworks/nist-csf-v2.0/gv-rm/07
Located in: 💼 Risk Management Strategy (GV.RM)

Description

Define and communicate guidance and methods for identifying opportunities and including them in risk discussions (e.g., strengths, weaknesses, opportunities, and threats [SWOT] analysis)
Identify stretch goals and document them
Calculate, document, and prioritize positive risks alongside negative risks

Similar

Sections
- /frameworks/nist-sp-800-53-r5/pm/09
- /frameworks/nist-sp-800-53-r5/pm/18
- /frameworks/nist-sp-800-53-r5/pm/28
- /frameworks/nist-sp-800-53-r5/pm/30
- /frameworks/nist-sp-800-53-r5/ra/03

Similar Sections (Take Policies From)

Section	Sub Sections	Internal Rules	Policies	Flags
💼 NIST SP 800-53 Revision 5 → 💼 PM-9 Risk Management Strategy
💼 NIST SP 800-53 Revision 5 → 💼 PM-18 Privacy Program Plan
💼 NIST SP 800-53 Revision 5 → 💼 PM-28 Risk Framing
💼 NIST SP 800-53 Revision 5 → 💼 PM-30 Supply Chain Risk Management Strategy	1
💼 NIST SP 800-53 Revision 5 → 💼 RA-3 Risk Assessment	4

Sub Sections

Section	Sub Sections	Internal Rules	Policies	Flags

Description
Similar
Similar Sections (Take Policies From)
Sub Sections