Under active development — Content is continuously updated and improved

Home / Frameworks / SCF / RSK — Risk Management

RSK — Risk Management

Official SCF Download

32 controls in the Risk Management domain

RSK-01Risk Management Program

RSK-01.1Risk Framing

RSK-01.2Risk Management Resourcing

RSK-01.3Risk Tolerance

RSK-01.4Risk Threshold

RSK-01.5Risk Appetite

RSK-02Risk-Based Security Categorization

RSK-02.1Impact-Level Prioritization

RSK-03Risk Identification

RSK-03.1Risk Catalog

RSK-04Risk Assessment

RSK-04.1Risk Register

RSK-04.2Risk Assessment Methodology

RSK-04.3Instances Requiring A Risk Assessment

RSK-04.4Risk Assessment Stakeholder Involvement

RSK-05Risk Ranking

RSK-06Risk Remediation

RSK-06.1Risk Response

RSK-06.2Compensating Countermeasures

RSK-06.3Risk Treatment Options

RSK-06.4Risk Treatment Plan

RSK-07Risk Assessment Update

RSK-08Business Impact Analysis (BIA)

RSK-09Supply Chain Risk Management (SCRM) Plan

RSK-09.1Supply Chain Risk Assessment

RSK-09.2AI & Autonomous Technologies Supply Chain Impacts

RSK-10Data Protection Impact Assessment (DPIA)

RSK-11Risk Monitoring

RSK-12Risk Culture

RSK-13Executive Leadership Approval For Managing Material Risk

RSK-13.1Documented Alternatives

RSK-13.2Documented Justification For Material Risk Management Decisions

← Back to all controls