← NIST CSF 2.0 in plain English

GV.RR-02

Govern / Roles, Responsibilities, and Authorities

Roles, responsibilities, and authorities related to cybersecurity risk management are established, communicated, understood, and enforced.

Think of it likeAssigning chores and responsibilities at home.

In plain English

Everyone in the family knows what chores they are responsible for, and who to go to if they need help.