Article 38—Article 38
>Control Description
At least once a year, critical information infrastructure operators shall conduct an inspection and assessment of their networks’ security and risks that might exist, either on their own or through retaining a cybersecurity services organization; CII operators should submit a cybersecurity report on the circumstances of the inspection and assessment as well as improvement measures, to be sent to the relevant department responsible for critical information infrastructure security protection efforts.
>Cross-Framework Mappings
Ask AI
Configure your API key to use AI features.