top of page

Principle 5

RISK-INFORMED SYSTEM

Enable Reporting Processes

< Back To Framework

Reporting processes should equip the governance body with insights on the impact of cyber risks on existing practices and strategic decisions.

2023 Draft NIST CSF 2.0 GV.OV

2023 NACD Director’s Handbook on Cyber-Risk Oversight Principle 5

2017 AICPA CRMP Description Criteria DC13, DC16

2020 IIA Three Lines Model Principle 6

bottom of page