SAMMY UI is optimized for resolutions with a width 1024px and higher.
NIS2
Browse NIS2
GV.RM: Risk Management Strategy
Enterprise Risk Integration
GV.RM-03: The activities and outcomes of cybersecurity risk management are an integral part of the organization's risk management processes.
  • 1. Within the framework of the risk management processes of the NIS entity and in compliance with the policies outlined in measure GV.PO-01, a cybersecurity risk management plan is defined, implemented, updated, and documented to identify, analyze, evaluate, treat, and monitor risks.
Requirement Covered
Not Applicable - Not applicable
No - The requirement(s) have not been meaningfully implemented.
Partial - Not all requirement(s) have been meaningfully implemented.
Yes - There is an organization-wide approach to managing cybersecurity risks that uses risk-informed policies, processes, and procedures to address potential cybersecurity events.
Description

The activities and outcomes of cybersecurity risk management are an integral part of the organization's risk management processes.