PR.IP: Information Protection Processes and Procedures

Warning icon.

Category is withdrawn in the next version of this framework.

Description

Security policies (that address purpose, scope, roles, responsibilities, management commitment, and coordination among organizational entities), processes, and procedures are maintained and used to manage protection of information systems and assets.

Framework Subcategories