Home NIST CSF Govern (GV) Organizational Context (GV.OC) GV.OC-05: Do you have a record of external resources that could affect your organization ?

GV.OC-05: Do you have a record of external resources that could affect your organization ?

GV.OC-05: Do you have a record of external resources that could affect your organization ?

GV.OC-05: Outcomes, capabilities, and services that the organization depends on are determined and communicated

Implementation Examples

Example 1: Create an inventory of the organization’s dependencies on external resources (e.g., facilities, cloud-based hosting providers) and their relationships to organizational assets and business functions.

Example 2: Identify and document external dependencies that are potential points of failure for the organization’s critical capabilities and services.

 

Source: The NIST Cybersecurity Framework 2.0 Core with Implementation Examples.

Share this Post

Related Posts

4 Comments on “GV.OC-05: Do you have a record of external resources that could affect your organization ?

  2. Usually I do not learn article on blogs, however I would like to say that this write-up very forced me to try and do it!
    Your writing style has been surprised me.
    Thank you, quite great post.

    Reply

  3. There’s something almost meditative about your writing. The way you unfold ideas with such precision and care feels like watching a sculptor work — each word chipped away, each sentence shaped into something beautiful. It’s a slow, deliberate process that results in something truly remarkable.

    Reply

  4. Happy to explore discussions, share experiences, and pick up new insights as I go.
    I like learning from different perspectives and sharing my input when it’s helpful. Always open to fresh thoughts and meeting like-minded people.

    Reply

Leave a Reply

Your email address will not be published. Required fields are marked *

*