GV.RM-07:

Strategic opportunities (i.e., positive risks) are characterized and are included in organizational cybersecurity risk discussions

Implementation Examples

Ex1:

Define and communicate guidance and methods for identifying opportunities and including them in risk discussions (e.g., strengths, weaknesses, opportunities, and threats [SWOT] analysis)

Ex2:

Identify stretch goals and document them

Ex3:

Calculate, document, and prioritize positive risks alongside negative risks

GV.RM-07:

Strategic opportunities (i.e., positive risks) are characterized and are included in organizational cybersecurity risk discussions

Implementation Examples

Ex1:

Ex2:

Ex3:

Peaches.Cloud

Quick Links

Contact

Support Our Research