Cyber Compliance

Control domain

Évaluation et gestion des risques

Assessing security risk and maintaining a programme of appropriate, risk-based measures.

8 requirements across 8frameworks & regulations.

NIST 800-53Related
RA-3 Risk assessment
NIST 800-171Related
3.11.1 Periodically assess risk
HIPAARelated
§164.308(a)(1) Security management process
NIS2Related
Art. 21(2)(a) Risk analysis and information system security policies
DORARelated
Art. 6 ICT risk management framework
CCPA / CPRARelated
§1798.150 Duty to implement reasonable security
LGPDPartial
Art. 46 Security measures
NIST CSF 2.0Partial
ID.RA-01 Vulnerabilities identified and recorded

← Correspondances