⭐ Repository → 💼 SOC 2 → 💼 CC3 Risk Assessment
💼 CC3.2 The entity identifies risks to the achievement of its objectives\ \ across the entity and analyzes risks as a basis for determining how the\ \ risks should be managed.
- ID:
/frameworks/soc-2/cc3/02
Description
Empty...
Similar
Sub Sections
| Section | Sub Sections | Internal Rules | Policies | Flags | Compliance |
|---|---|---|---|---|---|
| 💼 CC3.2-1 Includes Entity, Subsidiary, Division, Operating Unit, and Functional Levels | no data | ||||
| 💼 CC3.2-2 Analyzes Internal and External Factors | no data | ||||
| 💼 CC3.2-3 Involves Appropriate Levels of Management | no data | ||||
| 💼 CC3.2-4 Estimates Significance of Risks Identified | no data | ||||
| 💼 CC3.2-5 Determines How to Respond to Risks | no data | ||||
| 💼 CC3.2-6 Identifies Threats to Objectives | 1 | no data | |||
| 💼 CC3.2-7 Identifies Vulnerability of System Components | no data | ||||
| 💼 CC3.2-8 Analyzes Threats and Vulnerabilities From Vendors, Business Partners, and Other Parties | no data | ||||
| 💼 CC3.2-9 Assesses the Significance of the Risks | no data |