RSK-04.2 ยท Risk Assessment Methodology

Control Description

Mechanisms exist to implement a risk assessment methodology to ensure coverage for organizational components relevant for secure, compliant and resilient operations.

Control Question
Assessment question for control validation

Does the organization implement a risk assessment methodology to ensure coverage for organizational components relevant for secure, compliant and resilient operations?

Control Weighting
8
Validation Cadence
Annual
NIST CSF Function
Identify
Supply Chain Risk Management (SCRM) Tiers
Applicable SCRM tier levels for this control
Tier 1 - Strategic
Tier 2 - Operational
Core Control Designations
Special designations and baseline inclusions
MAD: RSK-04.2
ESP Level 3: RSK-04.2
Additional Metadata
Applicability (Process):
x