Manage your risk

Your team is responsible for keeping your capability or service secure.

Continuously manage risk

  • know what is happening
  • respond to changes
  • do regular assessments

Test your capability or service

  • check controls are working
  • do security testing