Back

Define and assign the Chief Risk Officer's roles and responsibilities.


CONTROL ID
14333
CONTROL TYPE
Human Resources Management
CLASSIFICATION
Preventive

SUPPORTING AND SUPPORTED CONTROLS




This Control directly supports the implied Control(s):
  • Establish, implement, and maintain high level operational roles and responsibilities., CC ID: 00806

There are no implementation support Controls.


SELECTED AUTHORITY DOCUMENTS COMPLIED WITH




  • Establish a Risk Executive (function) to view and analyze risk from an organization-wide perspective and ensure management of risk is consistent across the organization. (PM-29b., Cybersecurity Supply Chain Risk Management Practices for Systems and Organizations, NIST Special Publication 800-161, Revision 1, Appendix A, C-SCRM Level 1 Controls)
  • Establish a Risk Executive (function) to view and analyze risk from an organization-wide perspective and ensure management of risk is consistent across the organization. (PM-29b., Security and Privacy Controls for Information Systems and Organizations, NIST SP 800-53, Revision 5)
  • Establish a Risk Executive (function) to view and analyze risk from an organization-wide perspective and ensure management of risk is consistent across the organization. (PM-29b., Security and Privacy Controls for Information Systems and Organizations, NIST SP 800-53, Revision 5.1.1)