Skip to main content

💼 CC3.4-6 Assesses Changes in Threats and Vulnerabilities

  • ID: /frameworks/soc-2/cc3/04/06

Stats​

not available

Description​

The risk identification process assesses changes in (1) internal and external threats to and vulnerabilities of the components of the entity's systems and (2) the likelihood and magnitude of the resultant risks to the achievement of the entity's objectives.

Similar​

Sub Sections​

SectionSub SectionsInternal RulesPoliciesFlagsCompliance