Mechanisms exist to maintain a risk register that facilitates monitoring and reporting of risks.
Control Question
Assessment question for control validation
Does the organization maintain a risk register that facilitates monitoring and reporting of risks?
Supply Chain Risk Management (SCRM) Tiers
Applicable SCRM tier levels for this control
Core Control Designations
Special designations and baseline inclusions
MAD: RSK-04.1
ESP Level 1: RSK-04.1
ESP Level 2: RSK-04.1
ESP Level 3: RSK-04.1