top of page

Principle 3

RISK-INFORMED SYSTEM

Establish Understanding of Risk-Informed Needs

< Back To Framework

The governance body should be identified and engaged in establishing a comprehensive understanding of its cyber risk informed needs.

2023 Draft NIST CSF 2.0 GV.OC-02

2017 AICPA CRMP Description Criteria DC13

2020 IIA Three Lines Model Principle 1

ISO 31000:2018 6.2

bottom of page