GV.OC-05: Do you have a record of external resources that could affect your organization ?

GV.OC-05: Do you have a record of external resources that could affect your organization ?

GV.OC-05: Outcomes, capabilities, and services that the organization depends on are determined and communicated

Implementation Examples

Example 1: Create an inventory of the organization’s dependencies on external resources (e.g., facilities, cloud-based hosting providers) and their relationships to organizational assets and business functions.

Example 2: Identify and document external dependencies that are potential points of failure for the organization’s critical capabilities and services.

 

Source: The NIST Cybersecurity Framework 2.0 Core with Implementation Examples.

Share this Post

Leave a Reply

Your email address will not be published. Required fields are marked *

*