💼 CC3.4-6 Assesses Changes in Threats and Vulnerabilities
- ID:
/frameworks/soc-2/cc3/04/06
Description​
The risk identification process assesses changes in (1) internal and external threats to and vulnerabilities of the components of the entity's systems and (2) the likelihood and magnitude of the resultant risks to the achievement of the entity's objectives.
Similar​
Sub Sections​
| Section | Sub Sections | Internal Rules | Policies | Flags | Compliance |
|---|