>myctrl.tools
Preferences
Under active development Content is continuously updated and improved
Compare

GV.OC-01The organizational mission is understood and informs cybersecurity risk management

>Control Description

This organizational context subcategory ensures that the organizational mission is understood and informs cybersecurity risk management. Key activities include: Share the organization’s mission (e.

>Cross-Framework Mappings

NIST SP 800-53 r5

via NIST CSF 2.0 Concept Crosswalk
PM-11
Compare

PCI DSS v4.0.1

via NIST OLIR Catalog
12.1.1
Compare

SOC 2 TSC

CC1.1
Compare
CC3.1
Compare

SCF

GOV-08
Compare
RSK-01.1
Compare
TDA-06.2
Compare

>Informative References

Official NIST mappings to external frameworks and standards. Source: NIST CSF 2.0

CCMv4.0

BCR-01
BCR-07

CRI Profile v2.0

GV.OC-01
GV.OC-01.01

CSF v1.1

ID.BE-2
ID.BE-3

CoP

A3

ISO/IEC 27001:2022

Mandatory Clause: 4.1
Mandatory Clause: 6.1,
Mandatory Clause: 8.1
Mandatory Clause: 8.2
Mandatory Clause: 8.3
Annex A Controls:

NICE Framework

OG-WRL-002
OG-WRL-006
OG-WRL-007
OG-WRL-010
OG-WRL-015

PCI DSS

12.1.1

SCF

RSK-01.1
TDA-06.2

SP 800-221A

GV.CT-5
GV.CT-3

SP 800-53 Rev 5.1.1

PM-11

SP 800-53 Rev 5.2.0

PM-11

SP-800-37 Rev 2

RMF Prepare Step (Organization & Mission/Business Levels): TASK P-2 Risk Management Strategy
RMF Prepare Step (Organization & Mission/Business Levels): TASK P-3 Risk Assessment—Organization
RMF Prepare Step (System Level): TASK P-8 Mission or Business Focus

Ask AI

Configure your API key to use AI features.