An error occurred:

© 2025 Xylok, LLC

Version: features-advanced-collector-898c2c - rmfrev4

Navigate

CCI-002368

CCI-002368 Definition

Defines the personnel or roles to whom the organization-level; mission/business process-level; system-level risk assessment policy is disseminated.

Status
Type	CheckType.policy

Master Assessment Datasheet

Implementation Guidance

Validation Procedures

Related Controls

The controls below (if any) were marked by NIST as being related to CCI-002368.

Control

Description

The organization:

a: Develops, documents, and disseminates to [one of ]:
- 1: A risk assessment policy that addresses purpose, scope, roles, responsibilities, management commitment, coordination among organizational entities, and compliance; and
- 2: Procedures to facilitate the implementation of the risk assessment policy and associated risk assessment controls; and

b: Reviews and updates the current:
- 1: Risk assessment policy [one of ]; and
- 2: Risk assessment procedures [one of ].