ID.RA-02—Cyber threat intelligence is received from information sharing forums and sources
>Control Description
This risk assessment subcategory ensures that cyber threat intelligence is received from information sharing forums and sources. Key activities include: Configure cybersecurity tools and technologies with detection or response capabilities to securely ingest cyber threat intelligence feeds; Receive and review advisories from reputable third parties on current threat actors and their tactics, techniques, and procedures (TTPs); Monitor sources of cyber threat intelligence for information on the types of vulnerabilities that emerging technologies may have.
>Cross-Framework Mappings
>Informative References
Official NIST mappings to external frameworks and standards. Source: NIST CSF 2.0
CCMv4.0
GRC-08
TVM-04
CRI Profile v2.0
ID.RA-02
ID.RA-02.01
ID.RA-02.02
CSF v1.1
ID.RA-2
CoP
A5
ISO/IEC 27001:2022
Mandatory Clause: None
Annex A Controls: 5.7
Annex A Controls: 5.22
Annex A Controls: 8.16
NICE Framework
IO-WRL-006
OG-WRL-013
OG-WRL-014
PD-WRL-006
PD-WRL-007
SCF
GOV-07
THR-03
SP 800-171 Rev 3
03.11.01
SP 800-221A
GV.BE-4
SP 800-53 Rev 5.1.1
SI-05
PM-15
PM-16
SP 800-53 Rev 5.2.0
SI-05
PM-15
PM-16
SP-800-37 Rev 2
RMF Prepare Step (Organization & Mission/Business Levels): TASK P-3 Risk Assessment—Organization
RMF Prepare Step (System Level): TASK P-14 Risk Assessment—System
Ask AI
Configure your API key to use AI features.