Last updated Feb 18, 2026, 2:55 AM UTC

GV.RM.S4

Control Description

Risk tolerance and risk appetite statements shall be established, communicated, and maintained. REs shall determine and clearly express their risk tolerance and risk acceptance. The risk tolerance of the REs shall be informed by their role in critical infrastructure and/or sector-specific risk analysis. REs shall maintain a risk register which shall be periodically reviewed by their IT Committee for REs.

Cross-Framework Mappings
