3.2.1.4 Cyber Risk Monitoring and Review
| No: 381000091275 | Date(g): 24/5/2017 | Date(h): 28/8/1438 | Status: In-Force |
Principle
The progress cyber security risk treatment should be monitored and the effectiveness of revised or newly implemented cyber security controls should be reviewed.
Objective
To ensure that the cyber security risk treatment is performed according to the treatment plans. To ensure that the revised or newly implemented cyber security controls are effective.
Control considerations
| 1. | The cyber security treatment should be monitored, including: | |
| a. | tracking progress in accordance to treatment plan; | |
| b. | the selected and agreed cyber security controls are being implemented. | |
| 2. | The design and effectiveness of the revised or newly implemented cyber security controls should be reviewed. | |