{ "authors": [ "The MONARC project" ], "label": "NIST Core", "language": "EN", "refs": [ "https://www.nist.gov/cyberframework/framework" ], "uuid": "fcf78560-3d12-42ba-8f4a-5761ca02ac94", "values": [ { "category": "Asset Management (ID.AM)", "code": "1_ID.AM-1", "label": "Physical devices and systems within the organization are inventoried", "uuid": "231fc2b1-80c2-450e-9d80-f804f5a8984c" }, { "category": "Asset Management (ID.AM)", "code": "1_ID.AM-2", "label": "Software platforms and applications within the organization are inventoried", "uuid": "f4f7466f-0ae6-4867-a2ee-6be4e1f02329" }, { "category": "Asset Management (ID.AM)", "code": "1_ID.AM-3", "label": "Organizational communication and data flows are mapped", "uuid": "b0cebf68-a023-40af-ba24-e59bd4a45c90" }, { "category": "Asset Management (ID.AM)", "code": "1_ID.AM-4", "label": "External information systems are catalogued", "uuid": "57e92f7c-f5ed-4611-a1be-d7f4e1456f9c" }, { "category": "Asset Management (ID.AM)", "code": "1_ID.AM-5", "label": "Resources (e.g., hardware, devices, data, and software) are prioritized based on their classification, criticality, and business value", "uuid": "50fc2488-b730-48ae-abf8-93e60f141404" }, { "category": "Asset Management (ID.AM)", "code": "1_ID.AM-6", "label": "Cybersecurity roles and responsibilities for the entire workforce and third-party stakeholders (e.g., suppliers, customers, partners) are established", "uuid": "766520fa-3439-4382-babc-eb7d9d6b1f52" }, { "category": "Business Environment (ID.BE)", "code": "1_ID.BE-1", "label": "The organization’s role in the supply chain is identified and communicated", "uuid": "46555297-7af1-4d59-ac07-6e627aef4dda" }, { "category": "Business Environment (ID.BE)", "code": "1_ID.BE-2", "label": "The organization’s place in critical infrastructure and its industry sector is identified and communicated", "uuid": "63f9f527-2c63-4fda-acda-7ebcf3025873" }, { "category": "Business Environment (ID.BE)", "code": "1_ID.BE-3", "label": "Priorities for organizational mission, objectives, and activities are established and communicated", "uuid": "1a422e41-50fc-4c74-b1e4-e3d40b7c82f3" }, { "category": "Business Environment (ID.BE)", "code": "1_ID.BE-4", "label": "Dependencies and critical functions for delivery of critical services are established", "uuid": "eaa4fb9d-e687-41a0-8d4b-1ca972bed10a" }, { "category": "Business Environment (ID.BE)", "code": "1_ID.BE-5", "label": "Resilience requirements to support delivery of critical services are established", "uuid": "75942c69-3336-4e82-bf59-515aaa6e3513" }, { "category": "Governance (ID.GV)", "code": "1_ID.GV-1", "label": "Organizational information security policy is established", "uuid": "7a4074cc-5b40-486a-9a52-6b49be7f95e6" }, { "category": "Governance (ID.GV)", "code": "1_ID.GV-2", "label": "Information security roles & responsibilities are coordinated and aligned with internal roles and external partners", "uuid": "29613b2e-8def-417e-85fa-31aa5ef5de3b" }, { "category": "Governance (ID.GV)", "code": "1_ID.GV-3", "label": "Legal and regulatory requirements regarding cybersecurity, including privacy and civil liberties obligations, are understood and managed", "uuid": "4e2499c0-d23d-4977-9e9f-6323af31be24" }, { "category": "Governance (ID.GV)", "code": "1_ID.GV-4", "label": "Governance and risk management processes address cybersecurity risks", "uuid": "d2e86e2d-5bec-42a2-b642-69995b6abcf0" }, { "category": "Risk Assessment (ID.RA)", "code": "1_ID.RA-1", "label": "Asset vulnerabilities are identified and documented", "uuid": "cc6aad46-1887-4da6-93e3-c707be07b9f5" }, { "category": "Risk Assessment (ID.RA)", "code": "1_ID.RA-2", "label": "Threat and vulnerability information is received from information sharing forums and sources", "uuid": "0550c268-534a-4311-920d-84466e4865c4" }, { "category": "Risk Assessment (ID.RA)", "code": "1_ID.RA-3", "label": "Threats, both internal and external, are identified and documented", "uuid": "1bad7834-b740-48ff-8450-5792b55614db" }, { "category": "Risk Assessment (ID.RA)", "code": "1_ID.RA-4", "label": "Potential business impacts and likelihoods are identified", "uuid": "7c09a9bf-407c-4509-94c0-af8314fc3b86" }, { "category": "Risk Assessment (ID.RA)", "code": "1_ID.RA-5", "label": "Threats, vulnerabilities, likelihoods, and impacts are used to determine risk", "uuid": "6d0bfd47-88dc-484a-aed8-196eaa12c4db" }, { "category": "Risk Assessment (ID.RA)", "code": "1_ID.RA-6", "label": "Risk responses are identified and prioritized", "uuid": "98ce2a28-d424-4436-8c41-2ec0e8d563fa" }, { "category": "Risk Management Strategy (ID.RM)", "code": "1_ID.RM-1", "label": "Risk management processes are established, managed, and agreed to by organizational stakeholders", "uuid": "e384f897-1b70-49a5-8491-24c035e1451f" }, { "category": "Risk Management Strategy (ID.RM)", "code": "1_ID.RM-2", "label": "Organizational risk tolerance is determined and clearly expressed", "uuid": "7a9f7d35-6714-4182-ae88-d9ff575224a6" }, { "category": "Risk Management Strategy (ID.RM)", "code": "1_ID.RM-3", "label": "The organization’s determination of risk tolerance is informed by its role in critical infrastructure and sector specific risk analysis", "uuid": "97331ab3-3365-4fb0-894c-578c460720fa" }, { "category": "Supply Chain Risk Management (ID.SC)", "code": "1_ID.SC-1", "label": "Cyber supply chain risk management processes are identified, established, assessed, managed, and agreed to by organizational stakeholders", "uuid": "03dee2e6-285f-44e4-acc5-2388f62584a5" }, { "category": "Supply Chain Risk Management (ID.SC)", "code": "1_ID.SC-2", "label": "Suppliers and third party partners of information systems, components, and services are identified, prioritized, and assessed using a cyber supply chain risk assessment process", "uuid": "b9d19a14-74ab-46ae-8456-189d1a180dbf" }, { "category": "Supply Chain Risk Management (ID.SC)", "code": "1_ID.SC-3", "label": "Contracts with suppliers and third-party partners are used to implement appropriate measures designed to meet the objectives of an organization’s cybersecurity program and Cyber Supply Chain Risk Management Plan.", "uuid": "1e5aa8d3-b1e9-43e0-9e7e-54bdadac89ea" }, { "category": "Supply Chain Risk Management (ID.SC)", "code": "1_ID.SC-4", "label": "Suppliers and third-party partners are routinely assessed using audits, test results, or other forms of evaluations to confirm they are meeting their contractual obligations.", "uuid": "f6d606f5-9a22-4a53-87c1-ebe36f4fe939" }, { "category": "Supply Chain Risk Management (ID.SC)", "code": "1_ID.SC-5", "label": "Response and recovery planning and testing are conducted with suppliers and third-party providers", "uuid": "aa988775-7261-412e-bbee-bfd90db78a59" }, { "category": "Access Control (PR.AC)", "code": "2_PR.AC-1", "label": "Identities and credentials are managed for authorized devices and users", "uuid": "a6b301ed-e0c1-467d-8e42-e2796c64b785" }, { "category": "Access Control (PR.AC)", "code": "2_PR.AC-2", "label": "Physical access to assets is managed and protected", "uuid": "382fe4f1-9f05-4169-a343-2c961a8cf359" }, { "category": "Access Control (PR.AC)", "code": "2_PR.AC-3", "label": "Remote access is managed", "uuid": "7ec8092e-3e41-43e0-a8b2-c42b980dd29b" }, { "category": "Access Control (PR.AC)", "code": "2_PR.AC-4", "label": "Access permissions are managed, incorporating the principles of least privilege and separation of duties", "uuid": "8feec5e9-c2b2-465b-8fa3-8b65b6a09fcb" }, { "category": "Access Control (PR.AC)", "code": "2_PR.AC-5", "label": "Network integrity is protected, incorporating network segregation where appropriate", "uuid": "800fc6f9-e574-4152-89e6-30bae7da4adc" }, { "category": "Access Control (PR.AC)", "code": "2_PR.AC-6", "label": "Identities are proofed and bound to credentials and asserted in interactions", "uuid": "d44d0823-1523-457a-b028-6ea0da3adb34" }, { "category": "Access Control (PR.AC)", "code": "2_PR.AC-7", "label": "Users, devices, and other assets are authenticated (e.g., single-factor, multi-factor) commensurate with the risk of the transaction (e.g., individuals’ security and privacy risks and other organizational risks)", "uuid": "14aab29b-4760-4f32-ad21-06367a8ea05e" }, { "category": "Awareness and Training (PR.AT)", "code": "2_PR.AT-1", "label": "All users are informed and trained", "uuid": "01d259f0-ece0-4f7c-91bf-d09844c576cc" }, { "category": "Awareness and Training (PR.AT)", "code": "2_PR.AT-2", "label": "Privileged users understand roles & responsibilities", "uuid": "6386d5df-56f8-46ad-b181-e870491004a5" }, { "category": "Awareness and Training (PR.AT)", "code": "2_PR.AT-3", "label": "Third-party stakeholders (e.g., suppliers, customers, partners) understand roles & responsibilities", "uuid": "4879e4fb-cd0e-4968-8dd2-4b6dbe977cdc" }, { "category": "Awareness and Training (PR.AT)", "code": "2_PR.AT-4", "label": "Senior executives understand roles & responsibilities", "uuid": "987e9304-80fd-4470-b8b4-213f41a0a957" }, { "category": "Awareness and Training (PR.AT)", "code": "2_PR.AT-5", "label": "Physical and information security personnel understand roles & responsibilities", "uuid": "92a81683-1877-48d3-9d5a-c7c0ddd9852b" }, { "category": "Data Security (PR.DS)", "code": "2_PR.DS-1", "label": "Data-at-rest is protected", "uuid": "d798a390-f23a-4bbc-abe5-588ab58811c6" }, { "category": "Data Security (PR.DS)", "code": "2_PR.DS-2", "label": "Data-in-transit is protected", "uuid": "38022045-6812-4623-8409-7a9d6b3f7ce8" }, { "category": "Data Security (PR.DS)", "code": "2_PR.DS-3", "label": "Assets are formally managed throughout removal, transfers, and disposition", "uuid": "acfea27c-c6d5-421a-9ae4-2db82610cc41" }, { "category": "Data Security (PR.DS)", "code": "2_PR.DS-4", "label": "Adequate capacity to ensure availability is maintained", "uuid": "e4380999-3c82-4b85-86cd-86f1f37f97ab" }, { "category": "Data Security (PR.DS)", "code": "2_PR.DS-5", "label": "Protections against data leaks are implemented", "uuid": "e760c443-e572-43cb-bf5b-8aeb3b42ef65" }, { "category": "Data Security (PR.DS)", "code": "2_PR.DS-6", "label": "Integrity checking mechanisms are used to verify software, firmware, and information integrity", "uuid": "e5b116b5-b806-4863-92ba-d8c2f477813b" }, { "category": "Data Security (PR.DS)", "code": "2_PR.DS-7", "label": "The development and testing environment(s) are separate from the production environment", "uuid": "6604ef4c-a1d7-43d2-90e4-d2b8d97d880f" }, { "category": "Data Security (PR.DS)", "code": "2_PR.DS-8", "label": "Integrity checking mechanisms are used to verify hardware integrity", "uuid": "892d5462-ee77-4379-ab88-a78f3eff45c1" }, { "category": "Information Protection Processes and Procedures (PR.IP)", "code": "2_PR.IP-1", "label": "A baseline configuration of information technology/industrial control systems is created and maintained", "uuid": "30a7a092-3e00-4d33-aec2-66d019c2ff03" }, { "category": "Information Protection Processes and Procedures (PR.IP)", "code": "2_PR.IP-2", "label": "A System Development Life Cycle to manage systems is implemented", "uuid": "7cd438b8-038b-4f1f-a431-a1a1a83e009c" }, { "category": "Information Protection Processes and Procedures (PR.IP)", "code": "2_PR.IP-3", "label": "Configuration change control processes are in place", "uuid": "6f6442e8-952b-4a13-9e97-7c233a7b2a1c" }, { "category": "Information Protection Processes and Procedures (PR.IP)", "code": "2_PR.IP-4", "label": "Backups of information are conducted, maintained, and tested periodically", "uuid": "2e411d93-1836-4dbc-baf1-a747d2a9915a" }, { "category": "Information Protection Processes and Procedures (PR.IP)", "code": "2_PR.IP-5", "label": "Policy and regulations regarding the physical operating environment for organizational assets are met", "uuid": "f01b50b8-0e54-4f8f-afee-0ec56f788a42" }, { "category": "Information Protection Processes and Procedures (PR.IP)", "code": "2_PR.IP-6", "label": "Data is destroyed according to policy", "uuid": "0fd12bc3-c80d-4baa-bc1b-a7fbfb152f86" }, { "category": "Information Protection Processes and Procedures (PR.IP)", "code": "2_PR.IP-7", "label": "Protection processes are continuously improved", "uuid": "bb1c6655-a3fc-4d43-8e1b-50f5e418c1aa" }, { "category": "Information Protection Processes and Procedures (PR.IP)", "code": "2_PR.IP-8", "label": "Effectiveness of protection technologies is shared with appropriate parties", "uuid": "ac4be007-d8cb-4da5-9a84-118c2841a6f5" }, { "category": "Information Protection Processes and Procedures (PR.IP)", "code": "2_PR.IP-9", "label": "Response plans (Incident Response and Business Continuity) and recovery plans (Incident Recovery and Disaster Recovery) are in place and managed", "uuid": "4fe097cd-e0c0-4698-a209-43ffb553a279" }, { "category": "Information Protection Processes and Procedures (PR.IP)", "code": "2_PR.IP-10", "label": "Response and recovery plans are tested", "uuid": "e4f85702-5874-4361-beec-45d00b379c5b" }, { "category": "Information Protection Processes and Procedures (PR.IP)", "code": "2_PR.IP-11", "label": "Cybersecurity is included in human resources practices (e.g., deprovisioning, personnel screening)", "uuid": "4279b240-b560-4632-a557-9af1322930fd" }, { "category": "Information Protection Processes and Procedures (PR.IP)", "code": "2_PR.IP-12", "label": "A vulnerability management plan is developed and implemented", "uuid": "48d2b0ff-ebc0-445b-8f20-3ae47d43242c" }, { "category": "Maintenance (PR.MA)", "code": "2_PR.MA-1", "label": "Maintenance and repair of organizational assets is performed and logged in a timely manner, with approved and controlled tools", "uuid": "6da92eea-2f74-458f-a643-361df7ea9f2f" }, { "category": "Maintenance (PR.MA)", "code": "2_PR.MA-2", "label": "Remote maintenance of organizational assets is approved, logged, and performed in a manner that prevents unauthorized access", "uuid": "831f20de-eadb-44a7-82f3-fcb116d8cb69" }, { "category": "Protective Technology (PR.PT)", "code": "2_PR.PT-1", "label": "Audit/log records are determined, documented, implemented, and reviewed in accordance with policy", "uuid": "3dcdd5d1-48e8-4b66-8567-65e0f0c8be4a" }, { "category": "Protective Technology (PR.PT)", "code": "2_PR.PT-2", "label": "Removable media is protected and its use restricted according to policy", "uuid": "0f278ef8-3a97-4e0e-bc30-66d530bdea47" }, { "category": "Protective Technology (PR.PT)", "code": "2_PR.PT-3", "label": "Access to systems and assets is controlled, incorporating the principle of least functionality", "uuid": "02cc6244-c9d8-4db1-aeb3-a05933207c9d" }, { "category": "Protective Technology (PR.PT)", "code": "2_PR.PT-4", "label": "Communications and control networks are protected", "uuid": "6b2a7cc7-c35a-4020-92d8-5935e1229676" }, { "category": "Protective Technology (PR.PT)", "code": "2_PR.PT-5", "label": "Mechanisms (e.g., failsafe, load balancing, hot swap) are implemented to achieve resilience requirements in normal and adverse situations", "uuid": "3e3e542a-67b2-4a77-b09b-9dc9b977cd8e" }, { "category": "Anomalies and Events (DE.AE)", "code": "3_DE.AE-1", "label": "A baseline of network operations and expected data flows for users and systems is established and managed", "uuid": "24ac8920-3747-45bb-b9d1-1ca0d1d84d3f" }, { "category": "Anomalies and Events (DE.AE)", "code": "3_DE.AE-2", "label": "Detected events are analyzed to understand attack targets and methods", "uuid": "69f50c12-9eab-4305-be4f-97a2002ccc0c" }, { "category": "Anomalies and Events (DE.AE)", "code": "3_DE.AE-3", "label": "Event data are aggregated and correlated from multiple sources and sensors", "uuid": "31dc508e-664e-4173-8757-00ec985115c8" }, { "category": "Anomalies and Events (DE.AE)", "code": "3_DE.AE-4", "label": "Impact of events is determined", "uuid": "3f6e72ed-2984-452d-badd-5563acbf0450" }, { "category": "Anomalies and Events (DE.AE)", "code": "3_DE.AE-5", "label": "Incident alert thresholds are established", "uuid": "52d551ef-7334-45a3-9dd7-0b8d239ba1f6" }, { "category": "Security Continuous Monitoring (DE.CM)", "code": "3_DE.CM-1", "label": "The network is monitored to detect potential cybersecurity events", "uuid": "9b355a55-73ce-4d55-8016-d93e3c555a55" }, { "category": "Security Continuous Monitoring (DE.CM)", "code": "3_DE.CM-2", "label": "The physical environment is monitored to detect potential cybersecurity events", "uuid": "dec6cf8c-1714-45f4-bfd2-23a049fb9b35" }, { "category": "Security Continuous Monitoring (DE.CM)", "code": "3_DE.CM-3", "label": "Personnel activity is monitored to detect potential cybersecurity events", "uuid": "a8f83595-0327-4e24-9557-0e8d9b82856f" }, { "category": "Security Continuous Monitoring (DE.CM)", "code": "3_DE.CM-4", "label": "Malicious code is detected", "uuid": "70e202bf-2270-4daf-8fb5-4f6fb10de979" }, { "category": "Security Continuous Monitoring (DE.CM)", "code": "3_DE.CM-5", "label": "Unauthorized mobile code is detected", "uuid": "54eeaae4-2b82-43ce-9a61-40d453116d8d" }, { "category": "Security Continuous Monitoring (DE.CM)", "code": "3_DE.CM-6", "label": "External service provider activity is monitored to detect potential cybersecurity events", "uuid": "bbb99e89-ee33-46fc-bc03-1582631210c4" }, { "category": "Security Continuous Monitoring (DE.CM)", "code": "3_DE.CM-7", "label": "Monitoring for unauthorized personnel, connections, devices, and software is performed", "uuid": "e4f36efd-2e64-4ee8-9fd1-af2bec0b68d0" }, { "category": "Security Continuous Monitoring (DE.CM)", "code": "3_DE.CM-8", "label": "Vulnerability scans are performed", "uuid": "ebc0b0f8-4403-481f-be4a-7f35ae3cb6be" }, { "category": "Detection Processes (DE.DP)", "code": "3_DE.DP-1", "label": "Roles and responsibilities for detection are well defined to ensure accountability", "uuid": "48a13f85-a811-43fa-a0e8-89f67fb2743f" }, { "category": "Detection Processes (DE.DP)", "code": "3_DE.DP-2", "label": "Detection activities comply with all applicable requirements", "uuid": "f9d1a926-5d39-4123-8b83-a94c21ff18e5" }, { "category": "Detection Processes (DE.DP)", "code": "3_DE.DP-3", "label": "Detection processes are tested", "uuid": "23e4c883-c358-4b64-8d7e-249c67b7f1f2" }, { "category": "Detection Processes (DE.DP)", "code": "3_DE.DP-4", "label": "Event detection information is communicated to appropriate parties", "uuid": "025611cb-8431-4a9c-a88c-039141472418" }, { "category": "Detection Processes (DE.DP)", "code": "3_DE.DP-5", "label": "Detection processes are continuously improved", "uuid": "ad0458f2-c836-4c7d-9d8f-6333fc6af2e9" }, { "category": "Response Planning (RS.RP)", "code": "4_RS.RP-1", "label": "Response plan is executed during or after an event", "uuid": "b237b4b1-a21a-4122-b4c8-e068ad58ef21" }, { "category": "Communications (RS.CO)", "code": "4_RS.CO-1", "label": "Personnel know their roles and order of operations when a response is needed", "uuid": "cce52cf2-aa85-4f33-8cb8-b0508f452c25" }, { "category": "Communications (RS.CO)", "code": "4_RS.CO-2", "label": "Events are reported consistent with established criteria", "uuid": "30ff804b-d8e2-44da-a49e-bb1a39e5f81a" }, { "category": "Communications (RS.CO)", "code": "4_RS.CO-3", "label": "Information is shared consistent with response plans", "uuid": "2d88bd60-ff72-40cc-a2b4-ae7c9cbd2a68" }, { "category": "Communications (RS.CO)", "code": "4_RS.CO-4", "label": "Coordination with stakeholders occurs consistent with response plans", "uuid": "34a2e449-b69d-4f75-a548-8c5faee598b5" }, { "category": "Communications (RS.CO)", "code": "4_RS.CO-5", "label": "Voluntary information sharing occurs with external stakeholders to achieve broader cybersecurity situational awareness", "uuid": "bb37f7e5-ff5d-4b9a-a621-dfb26f3fccaf" }, { "category": "Analysis (RS.AN)", "code": "4_RS.AN-1", "label": "Notifications from detection systems are investigated", "uuid": "e6ab0d96-2ced-445d-a19f-97710b2cc346" }, { "category": "Analysis (RS.AN)", "code": "4_RS.AN-2", "label": "The impact of the incident is understood", "uuid": "0c7c3558-9c78-4bcc-816b-9123c899b653" }, { "category": "Analysis (RS.AN)", "code": "4_RS.AN-3", "label": "Forensics are performed", "uuid": "cf3d3d41-f0d5-4eb9-b6c5-537d72ea645a" }, { "category": "Analysis (RS.AN)", "code": "4_RS.AN-4", "label": "Incidents are categorized consistent with response plans", "uuid": "1ea30a61-92f4-4ae0-a349-3f947bf0dc94" }, { "category": "Analysis (RS.AN)", "code": "4_RS.AN-5", "label": "Processes are established to receive, analyze and respond to vulnerabilities disclosed to the organization from internal and external sources (e.g. internal testing, security bulletins, or security researchers)", "uuid": "83c3ab70-566c-4bbe-a3b8-940d9fbb5ad7" }, { "category": "Mitigation (RS.MI)", "code": "4_RS.MI-1", "label": "Incidents are contained", "uuid": "2736e702-38ef-439d-9e8b-989ef56f8735" }, { "category": "Mitigation (RS.MI)", "code": "4_RS.MI-2", "label": "Incidents are mitigated", "uuid": "e94941eb-31da-40e0-b944-07c43233e7c0" }, { "category": "Mitigation (RS.MI)", "code": "4_RS.MI-3", "label": "Newly identified vulnerabilities are mitigated or documented as accepted risks", "uuid": "0de24c0a-53cb-4481-9b8d-fccc252e4f03" }, { "category": "Improvements (RS.IM)", "code": "4_RS.IM-1", "label": "Response plans incorporate lessons learned", "uuid": "01314572-becc-4780-945f-9ed3a40af900" }, { "category": "Improvements (RS.IM)", "code": "4_RS.IM-2", "label": "Response strategies are updated", "uuid": "f0753789-bcc3-4f66-9bb5-b6179bb367de" }, { "category": "Recovery Planning (RC.RP)", "code": "5_RC.RP-1", "label": "Recovery plan is executed during or after an event", "uuid": "0d124100-372e-429b-9e2f-d12211f005e1" }, { "category": "Improvements (RC.IM)", "code": "5_RC.IM-1", "label": "Recovery plans incorporate lessons learned", "uuid": "52ab8937-c260-4cf3-a807-ce1381afa4c9" }, { "category": "Improvements (RC.IM)", "code": "5_RC.IM-2", "label": "Recovery strategies are updated", "uuid": "421b5608-0f1d-4de5-b646-ff9538f8493f" }, { "category": "Communications (RC.CO)", "code": "5_RC.CO-1", "label": "Public relations are managed", "uuid": "771e3059-9eb4-4313-94b4-f0e8fa102498" }, { "category": "Communications (RC.CO)", "code": "5_RC.CO-2", "label": "Reputation after an event is repaired", "uuid": "ecde2384-2cdb-46cc-9a15-37ea9ee175ee" }, { "category": "Communications (RC.CO)", "code": "5_RC.CO-3", "label": "Recovery activities are communicated to internal stakeholders and executive and management teams", "uuid": "c8de5e1f-7893-42b3-852d-fa4f79bc68fa" } ], "version": 1, "version_ext": "1.1" }