CISOBot - Your AI CISO Assistant

THR-10

Threat Analysis

Weight: 7/10

Description

Mechanisms exist to identify, assess, prioritize and document the potential impact(s) and likelihood(s) of applicable internal and external threats.

Control Question

Does the organization identify, assess, prioritize and document the potential impact(s) and likelihood(s) of applicable internal and external threats?

Control Metadata

Domain:

Threat Management

Validation Cadence:

Annual

Evidence Request List:

E-THR-07

Have questions about this control?

Ask CISOBot for implementation guidance and best practices