💼 Roles, Responsibilities, and Authorities (GV.RR)
- ID:
/frameworks/nist-csf-v2.0/gv-rr
Description​
Cybersecurity roles, responsibilities, and authorities to foster accountability, performance assessment, and continuous improvement are established and communicated
Similar​
Sub Sections​
| Section | Sub Sections | Internal Rules | Policies | Flags | Compliance |
|---|
| 💼 GV.RR-01: Organizational leadership is responsible and accountable for cybersecurity risk and fosters a culture that is risk-aware, ethical, and continually improving | | | | | no data |
| 💼 GV.RR-02: Roles, responsibilities, and authorities related to cybersecurity risk management are established, communicated, understood, and enforced | | | | | no data |
| 💼 GV.RR-03: Adequate resources are allocated commensurate with the cybersecurity risk strategy, roles, responsibilities, and policies | | | | | no data |
| 💼 GV.RR-04: Cybersecurity is included in human resources practices | | | | | no data |