---
type: "term"
title: "GOVERN (GV)"
description: "The governance function in NIST CSF 2.0, operating at a strategic level to establish the overall cybersecurity risk management framework."
resource: "tlctc:term:govern-gv"
tags:
  - "glossary"
---
# GOVERN (GV)

The governance function in NIST CSF 2.0, operating at a strategic level to establish the overall cybersecurity risk management framework. GOVERN controls are "assurance controls" that create structure and context for other functions, including setting risk appetite, defining roles and responsibilities, and establishing policies. While GOVERN oversees threat categorization in the risk register, GV controls themselves don't directly counter specific threats but provide the strategic foundation for comprehensive risk management.

---