Risk-based Approach ()
Threats, vulnerabilities, likelihoods, and impacts are used to determine risk
stereotypeControlObjective
namespaceNIST_CSF
statusMANDATORY
refCodeID.RA-5
cis_crc4
cobitAPO12.02
iso27001A.12.6.1
nist-sp800-53RA-2, RA-3, PM-16