Mechanisms exist to develop, report and monitor Key Performance Indicators (KPIs) to assist organizational management in performance monitoring and trend analysis of the cybersecurity & data privacy program.
Mechanisms exist to develop, report and monitor Key Risk Indicators (KRIs) to assist senior management in performance monitoring and trend analysis of the cybersecurity & data privacy program.
Mechanisms exist to identify and document appropriate contacts with relevant law enforcement and regulatory bodies.
Mechanisms exist to establish contact with selected groups and associations within the cybersecurity & data privacy communities to: â–ª Facilitate ongoing cybersecurity & data privacy education and training for organizational personnel; â–ª Maintain currency with recommended cybersecurity & data privacy practices, techniques and technologies; and â–ª Share current cybersecurity and/or data privacy-related information including threats, vulnerabilities and incidents.
Mechanisms exist to define the context of its business model and document the mission of the organization.
Mechanisms exist to establish control objectives as the basis for the selection, implementation and management of the organization’s internal control system.
Mechanisms exist to facilitate data governance to oversee the organization's policies, standards and procedures so that sensitive/regulated data is effectively managed and maintained in accordance with applicable statutory, regulatory and contractual obligations.
Mechanisms exist to monitor mission/business-critical services or functions to ensure those resources are being used consistent with their intended purpose.
Mechanisms exist to avoid and/or constrain the forced exfiltration of sensitive / regulated information (e.g., Intellectual Property (IP)) to the host government for purposes of market access or market management practices.
Mechanisms exist to constrain the host government's ability to leverage the organization's technology assets for economic or political espionage and/or cyberwarfare activities.
Passcode