GV.OC-02: How to determine stakeholders for cybersecurity risk management ?

GV.OC-02: How to determine stakeholders for  cybersecurity risk management ?

GV.OC-02: Internal and external stakeholders are determined, and their needs and expectations regarding cybersecurity risk management are understood.

Example 1: Identify relevant internal stakeholders and their cybersecurity-related expectations (e.g., performance and risk expectations of officers, directors, and advisors; cultural expectations of employees)

Example 2: Identify relevant external stakeholders and their cybersecurity-related expectations (e.g., privacy expectations of customers, business expectations of partnerships, compliance expectations of regulators, ethics expectations of society).

Source: The NIST Cybersecurity Framework 2.0 Core with Implementation Examples.

Share this Post

1 Comment on “GV.OC-02: How to determine stakeholders for cybersecurity risk management ?

Leave a Reply

Your email address will not be published. Required fields are marked *

*