Skip to main content

💼 PM-11 Mission and Business Process Definition

  • Contextual name: 💼 PM-11 Mission and Business Process Definition
  • ID: /frameworks/nist-sp-800-53-r5/pm/11
  • Located in: 💼 PM Program Management

Description​

a. Define organizational mission and business processes with consideration for information security and privacy and the resulting risk to organizational operations, organizational assets, individuals, other organizations, and the Nation; and b. Determine information protection and personally identifiable information processing needs arising from the defined mission and business processes; and c. Review and revise the mission and business processes [Assignment: organization-defined frequency].

Similar​

  • Internal
    • ID: dec-c-8dc6f19b

Similar Sections (Give Policies To)​

SectionSub SectionsInternal RulesPoliciesFlags
💼 NIST CSF v2.0 → 💼 DE.AE-04: The estimated impact and scope of adverse events are understood13
💼 NIST CSF v2.0 → 💼 GV.OC-01: The organizational mission is understood and informs cybersecurity risk management
💼 NIST CSF v2.0 → 💼 GV.OC-04: Critical objectives, capabilities, and services that external stakeholders depend on or expect from the organization are understood and communicated3
💼 NIST CSF v2.0 → 💼 GV.OC-05: Outcomes, capabilities, and services that the organization depends on are understood and communicated3
💼 NIST CSF v2.0 → 💼 ID.RA-04: Potential impacts and likelihoods of threats exploiting vulnerabilities are identified and recorded7
💼 NIST CSF v2.0 → 💼 RC.RP-04: Critical mission functions and cybersecurity risk management are considered to establish post-incident operational norms

Sub Sections​

SectionSub SectionsInternal RulesPoliciesFlags