Direct links from the subject.
| Property | Value |
|---|---|
|
The subject is an instance of a class. |
|
|
The subject is an instance of a class. |
An idea or notion; a unit of thought. |
|
A human-readable name for the subject. |
ID.IM-02.1: Security tests and exercises, including those conducted with suppliers and relevant third parties, shall be used to identify areas for improvement. |
|
ID.IM-02.1 |
|
|
http://cyfun.data.gift/data/loc_CyFun2025_Booklet_IMPORTANT_E_p53 |
|
|
http://cyfun.data.gift/data/loc_CyFun2025_Booklet_ESSENTIAL_E_p73 |
|
|
Relates a concept to a concept that is more general in meaning. |
|
|
A general note, for any purpose. |
The goal of this control is to identify opportunities for improving security, incident response, and resilience by conducting security tests and exercises — internally and in collaboration with suppliers and third parties. In OperationalTechnology(OT) environments, these activities are essential to ensure preparedness for incidents that could impact physical operations, safety, or service continuity. To achieve this goal, the organisation should: - Assess Incident Response Readiness Security tests such as tabletop exercises, simulations, internal reviews, and audits should be used to identify improvements in incident response procedures. - Coordinate with External Parties Exercises involving critical service providers and product suppliers should be conducted to strengthen business continuity, disaster recovery, and incident response capabilities. - Engage Internal Stakeholders Relevant internal roles, including senior executives, legal, and HR, should be involved in exercises to ensure broad organisational awareness and alignment. - Conduct Penetration Testing High-risk systems should undergo penetration testing to identifyvulnerabilities. These tests should be pre- approved by leadership. - Test Contingency Plans Plans for responding to unauthorised or tampered products or services should be tested and refined to ensure effective recovery. - Ensure Conformance and Compliance All testing activities should conform to internal procedures and comply with applicable laws, regulations, and industry standards. |
|
A general note, for any purpose. |
The goal of this control is to identify opportunities for improving security, incident response, and resilience by conducting security tests and exercises — internally and in collaboration with suppliers and third parties. In OperationalTechnology(OT) environments, these activities are essential to ensure preparedness for incidents that could impact physical operations, safety, or service continuity. To achieve this goal, the organisation should: • Assess Incident Response Readiness Security tests such as tabletop exercises, simulations, internal reviews, and audits should be used to identify improvements in incident response procedures. • Coordinate with External Parties Exercises involving critical service providers and product suppliers should be conducted to strengthen business continuity, disaster recovery, and incident response capabilities. • Engage Internal Stakeholders Relevant internal roles, including senior executives, legal, and HR, should be involved in exercises to ensure broad organisational awareness and alignment. • Conduct Penetration Testing High-risk systems should undergo penetration testing to identifyvulnerabilities. These tests should be pre- approved by leadership. • Test Contingency Plans Plans for responding to unauthorised or tampered products or services should be tested and refined to ensure effective recovery. • Ensure Conformance and Compliance All testing activities should conform to internal procedures and comply with applicable laws, regulations, and industry standards. |
|
A general note, for any purpose. |
The goal of this control is to identify opportunities for improving security, incident response, and resilience by conducting security tests and exercises — internally and in collaboration with suppliers and third parties. In OperationalTechnology(OT) environments, these activities are essential to ensure preparedness for incidents that could impact physical operations, safety, or service continuity. To achieve this goal, the organisation should: - Assess Incident Response Readiness Security tests such as tabletop exercises, simulations, internal reviews, and audits should be used to identify improvements in incident response procedures. - Coordinate with External Parties Exercises involving critical service providers and product suppliers should be conducted to strengthen business continuity, disaster recovery, and incident response capabilities. - Engage Internal Stakeholders Relevant internal roles, including senior executives, legal, and HR, should be involved in exercises to ensure broad organisational awareness and alignment. - Conduct Penetration Testing High-risk systems should undergo penetration testing to identifyvulnerabilities. These tests should be pre- approved by leadership. - Test Contingency Plans Plans for responding to unauthorised or tampered products or services should be tested and refined to ensure effective recovery. - Ensure Conformance and Compliance All testing activities should conform to internal procedures and comply with applicable laws, regulations, and industry standards. |
|
A general note, for any purpose. |
<div><p>The goal of this control is to identify opportunities for improving security, incident response, and resilience by conducting security tests and exercises — internally and in collaboration with suppliers and third parties. In OperationalTechnology(OT) environments, these activities are essential to ensure preparedness for incidents that could impact physical operations, safety, or service continuity. To achieve this goal, the organisation should:</p><ul><li>Assess Incident Response Readiness Security tests such as tabletop exercises, simulations, internal reviews, and audits should be used to identify improvements in incident response procedures.</li><li>Coordinate with External Parties Exercises involving critical service providers and product suppliers should be conducted to strengthen business continuity, disaster recovery, and incident response capabilities.</li><li>Engage Internal Stakeholders Relevant internal roles, including senior executives, legal, and HR, should be involved in exercises to ensure broad organisational awareness and alignment.</li><li>Conduct Penetration Testing High-risk systems should undergo penetration testing to identifyvulnerabilities. These tests should be pre- approved by leadership.</li><li>Test Contingency Plans Plans for responding to unauthorised or tampered products or services should be tested and refined to ensure effective recovery.</li><li>Ensure Conformance and Compliance All testing activities should conform to internal procedures and comply with applicable laws, regulations, and industry standards.</li></ul></div> |
|
A notation, also known as classification code, is a string of characters such as "T58.5" or "303.4833" used to uniquely identify a concept within the scope of a given concept scheme. |
ID.IM-02.1 |
|
skos:prefLabel, skos:altLabel and skos:hiddenLabel are pairwise disjoint properties. |
Security testing and exercises |
|
A resource has no more than one value of skos:prefLabel per language tag, and no more than one value of skos:prefLabel without language tag. |
Security tests and exercises, including those conducted with suppliers and relevant third parties, shall be used to identify areas for improvement. |
|
Relates a resource (for example a concept) to a concept scheme in which it is included. |
|
|
Relates a resource (for example a concept) to a concept scheme in which it is included. |
http://cyfun.data.gift/data/CyFun2025_delta_BASIC_to_IMPORTANT |
|
Relates a resource (for example a concept) to a concept scheme in which it is included. |
|
|
Relates a resource (for example a concept) to a concept scheme in which it is included. |
|
|
The number of triples associated with the subject. |
19 |
|
Specifies the dataset the subject is part of. |
Resultaten 1 - 21 of 21
Inverse links to the subject.
| Property | Subject |
|---|---|
|
Relates a concept to a concept that is more specific in meaning. |
Resultaten 1 - 1 of 1