AuditRubric
risk-register

risk-register Controls

4 controls across 2 frameworks.

NIST CSF

gv-rm-6

A standardized method for calculating, documenting, categorizing, and prioritizing cybersecurity risks is established and communicated

Govern / Risk Management Strategy
id-ra-4

Potential impacts and likelihoods of threats exploiting vulnerabilities are identified and recorded

Identify / Risk Assessment
id-ra-5

Risk information is used to understand inherent risk and prioritize responses

Identify / Risk Assessment

SOC2

cc9-1

Risk mitigation strategies are identified and implemented

Security / Risk Mitigation