Organizational Context (GV.OC):

The circumstances - mission, stakeholder expectations, dependencies, and legal, regulatory, and contractual requirements - surrounding the organization's cybersecurity risk management decisions are understood

Subcategories

GV.OC-01

The organizational mission is understood and informs cybersecurity risk management

GV.OC-02

Internal and external stakeholders are understood, and their needs and expectations regarding cybersecurity risk management are understood and considered

GV.OC-03

Legal, regulatory, and contractual requirements regarding cybersecurity - including privacy and civil liberties obligations - are understood and managed

GV.OC-04

Critical objectives, capabilities, and services that external stakeholders depend on or expect from the organization are understood and communicated

GV.OC-05

Outcomes, capabilities, and services that the organization depends on are understood and communicated

Organizational Context (GV.OC):

Subcategories

GV.OC-01

GV.OC-02

GV.OC-03

GV.OC-04

GV.OC-05

Peaches.Cloud

Quick Links

Contact

Support Our Research