EM-10—Common Controls Framework
Control Description
Organization maintains a Common Control Framework (CCF) that is used in the implementation of control measures as a risk mitigation strategy to support organization operations, technology infrastructure, and security management activities.
Theme: Process
Type: Preventive
Policy/Standard: Information Security Management Standard
Implementation Guidance
1. Ensure that a control set is created to govern the organization's information security program.
2. Document the control set and ensure it is communicated with relevant stakeholders.
Testing Procedure
1. Validate whether a control framework exists for managing the organization's information security program.
2. Ensure that this control set is documented and available to relevant stakeholders.
Audit Artifacts
E-EM-17
Framework Mappings
Cross-framework mappings provided by Adobe CCF Open Source under Creative Commons License.