PM-29: Risk Management Program Leadership Roles
Control is new to this version of the control set.
- Appoint a Senior Accountable Official for Risk Management to align organizational information security and privacy management processes with strategic, operational, and budgetary planning processes; and
- Establish a Risk Executive (function) to view and analyze risk from an organization-wide perspective and ensure management of risk is consistent across the organization.
The senior accountable official for risk management leads the risk executive (function) in organization-wide risk management activities.