Cyber Security - Identify Flashcards
ID.AM-1
Physical devices and systems within the organization are inventoried
ID.AM-2
Software platforms and applications within the organization are inventoried
ID.AM-3
Organizational communication and data flows are mapped
ID.AM-4
External information systems are catalogued
ID.AM-5
Resources (e.g., hardware, devices, data, and software) are prioritized based on their classification, criticality, and business value
ID.AM-6
Cybersecurity roles and responsibilities for the entire workforce and third-party stakeholders (e.g., suppliers, customers, partners) are established
ID.BE-1
The organization’s role in the supply chain is identified and communicated
ID.BE-2
The organization’s place in critical infrastructure and its industry sector is identified and communicated
ID.BE-3
Priorities for organizational mission, objectives, and activities are established and communicated
ID.BE-4
Dependencies and critical functions for delivery of critical services are established
ID.BE-5
Resilience requirements to support delivery of critical services are established
ID.GV-1
Organizational information security policy is established
ID.GV-2
Information security roles & responsibilities are coordinated and aligned with internal roles and external partners
ID.GV-3
Legal and regulatory requirements regarding cybersecurity, including privacy and civil liberties obligations, are understood and managed
ID.GV-4
Governance and risk management processes address cybersecurity risks