← NIST CSF 2.0 in plain English

GV.PO-02

Govern / Policy

Policy for managing cybersecurity risks is reviewed, updated, communicated, and enforced to reflect changes in requirements, threats, technology, and organizational mission.

Think of it likeUpdating house rules as the family grows.

In plain English

The family reviews and updates the house safety rules as new situations arise, like when a baby starts crawling, to keep everyone safe.