
EM-09 Information Security Compliance Review

>Control Description

Information Security compliance results are reported to the Audit Committee by the Chief Security Officer on a quarterly basis and support information security compliance certifications.

Theme

Process

Type

Preventive

Policy/Standard

Information Systems Operations Policy

>Implementation Guidance

1. Ensure that minutes of meetings are documented on a quarterly basis and state the compliance results.
2. Ensure that the current security compliance status and the issues identified as part of the audit are reported to the Audit Committee in the form of PowerPoints, documents, etc.

>Testing Procedure

1. Obtain and inspect evidence that quarterly Information Security compliance results were reported to the Audit Committee.

>Audit Artifacts

E-EM-16

>Framework Mappings

Cross-framework mappings provided by Adobe CCF Open Source under Creative Commons License.
