Oversight (GV.OV):
Results of organization-wide cybersecurity risk management activities and performance are used to inform, improve, and adjust the risk management strategy
Subcategories
GV.OV-01
Cybersecurity risk management strategy outcomes are reviewed to inform and adjust strategy and direction
GV.OV-02
The cybersecurity risk management strategy is reviewed and adjusted to ensure coverage of organizational requirements and risks
GV.OV-03
Organizational cybersecurity risk management performance is evaluated and reviewed for adjustments needed