SEA-01.3 ยท Resilience Capabilities

Control Description

Mechanisms exist to ensure cybersecurity and data protection controls are designed and implemented to provide resistance to: (1) Unintentional errors (by users or software); and (2) Intentional attack or circumvention.

Control Question
Assessment question for control validation

Does the organization ensure cybersecurity and data protection controls are designed and implemented to provide resistance to: (1) Unintentional errors (by users or software); and (2) Intentional attack or circumvention?

Control Weighting
5
Validation Cadence
Annual
NIST CSF Function
Protect
Supply Chain Risk Management (SCRM) Tiers
Applicable SCRM tier levels for this control
Tier 2 - Operational
Errata & Additional Notes

- new control