💼 ID.RA-05: Threats, vulnerabilities, likelihoods, and impacts are used to understand inherent risk and inform risk response prioritization

• Contextual name: 💼 ID.RA-05: Threats, vulnerabilities, likelihoods, and impacts are used to understand inherent risk and inform risk response prioritization
• ID: /frameworks/nist-csf-v2.0/id-ra/05
• Located in: 💼 Risk Assessment (ID.RA)

Description

1. Develop threat models to better understand risks to the data and identify appropriate risk responses
2. Prioritize cybersecurity resource allocations and investments based on estimated likelihoods and impacts

Similar

• Sections
  • /frameworks/nist-csf-v1.1/id-ra/05
  • /frameworks/nist-sp-800-53-r5/pm/16
  • /frameworks/nist-sp-800-53-r5/ra/02
  • /frameworks/nist-sp-800-53-r5/ra/03
  • /frameworks/nist-sp-800-53-r5/ra/07

Similar Sections (Take Policies From)

Section	Sub Sections	Internal Rules	Policies	Flags
💼 NIST CSF v1.1 → 💼 ID.RA-5: Threats, vulnerabilities, likelihoods, and impacts are used to determine risk		7	7
💼 NIST SP 800-53 Revision 5 → 💼 PM-16 Threat Awareness Program	1
💼 NIST SP 800-53 Revision 5 → 💼 RA-2 Security Categorization	1
💼 NIST SP 800-53 Revision 5 → 💼 RA-3 Risk Assessment	4
💼 NIST SP 800-53 Revision 5 → 💼 RA-7 Risk Response

Sub Sections

Section	Sub Sections	Internal Rules	Policies	Flags

Policies (7)

Policy	Logic Count	Flags
📝 Azure Subscription Microsoft Defender For (Managed Instance) Azure SQL Databases is not set to On 🟢	1	🟢 x6
📝 Azure Subscription Microsoft Defender For App Services is not set to On 🟢	1	🟢 x6
📝 Azure Subscription Microsoft Defender For Containers is not set to On 🟢	1	🟢 x6
📝 Azure Subscription Microsoft Defender For Key Vault is not set to On 🟢	1	🟢 x6
📝 Azure Subscription Microsoft Defender For Servers is not set to On 🟢	1	🟢 x6
📝 Azure Subscription Microsoft Defender For SQL Servers On Machines is not set to On 🟢	1	🟢 x6
📝 Azure Subscription Microsoft Defender For Storage is not set to On 🟢	1	🟢 x6