RSK-03.1 ยท Risk Catalog

Control Description

Mechanisms exist to develop and keep current a catalog of applicable risks associated with the organization's business operations and technologies in use.

Control Question
Assessment question for control validation

Does the organization develop and keep current a catalog of applicable risks associated with its business operations and technologies in use?

Control Weighting
5
Validation Cadence
Annual
NIST CSF Function
Protect
Supply Chain Risk Management (SCRM) Tiers
Applicable SCRM tier levels for this control
Tier 1 - Strategic
Tier 2 - Operational
Tier 3 - Tactical
Core Control Designations
Special designations and baseline inclusions
MAD: RSK-03.1
ESP Level 1: RSK-03.1
ESP Level 2: RSK-03.1
ESP Level 3: RSK-03.1
Additional Metadata
Applicability (Process):
x