top of page

Principle 1

RISK-BASED STRATEGY AND EXECUTION

Define Acceptable Risk Thresholds

Acceptable cyber risk thresholds must be clearly understood, established, and approved by the risk owners based on the risk framework and methodology.

bottom of page