πΌ ID.RA-04: Potential impacts and likelihoods of threats exploiting vulnerabilities are identified and recorded
- Contextual name: πΌ ID.RA-04: Potential impacts and likelihoods of threats exploiting vulnerabilities are identified and recorded
- ID:
/frameworks/nist-csf-v2.0/id-ra/04 - Located in: πΌ Risk Assessment (ID.RA)
Descriptionβ
- Business leaders and cybersecurity risk management practitioners work together to estimate the likelihood and impact of risk scenarios and record them in risk registers
- Enumerate the potential business impacts of unauthorized access to the organization's communications, systems, and data processed in or by those systems
- Account for the potential impacts of cascading failures for systems of systems
Similarβ
- Sections
/frameworks/nist-csf-v1.1/id-ra/04/frameworks/nist-sp-800-53-r5/pm/09/frameworks/nist-sp-800-53-r5/pm/11/frameworks/nist-sp-800-53-r5/ra/02/frameworks/nist-sp-800-53-r5/ra/03/frameworks/nist-sp-800-53-r5/ra/08/frameworks/nist-sp-800-53-r5/ra/09
Similar Sections (Take Policies From)β
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|---|---|---|---|
| πΌ NIST CSF v1.1 β πΌ ID.RA-4: Potential business impacts and likelihoods are identified | 7 | 7 | ||
| πΌ NIST SP 800-53 Revision 5 β πΌ PM-9 Risk Management Strategy | ||||
| �πΌ NIST SP 800-53 Revision 5 β πΌ PM-11 Mission and Business Process Definition | ||||
| πΌ NIST SP 800-53 Revision 5 β πΌ RA-2 Security Categorization | 1 | |||
| πΌ NIST SP 800-53 Revision 5 β πΌ RA-3 Risk Assessment | 4 | |||
| πΌ NIST SP 800-53 Revision 5 β πΌ RA-8 Privacy Impact Assessments | ||||
| πΌ NIST SP 800-53 Revision 5 β πΌ RA-9 Criticality Analysis |
Sub Sectionsβ
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|
Policies (7)β
| Policy | Logic Count | Flags |
|---|---|---|
| π Azure Subscription Microsoft Defender For (Managed Instance) Azure SQL Databases is not set to On π’ | 1 | π’ x6 |
| π Azure Subscription Microsoft Defender For App Services is not set to On π’ | 1 | π’ x6 |
| π Azure Subscription Microsoft Defender For Containers is not set to On π’ | 1 | π’ x6 |
| π Azure Subscription Microsoft Defender For Key Vault is not set to On π’ | 1 | π’ x6 |
| π Azure Subscription Microsoft Defender For Servers is not set to On π’ | 1 | π’ x6 |
| π Azure Subscription Microsoft Defender For SQL Servers On Machines is not set to On π’ | 1 | π’ x6 |
| π Azure Subscription Microsoft Defender For Storage is not set to On π’ | 1 | π’ x6 |