>myctrl.tools
Preferences
Under active development Content is continuously updated and improved
Compare

RM-04Continuous Monitoring

>Control Description

The design and operating effectiveness of internal controls are continuously evaluated against the established Common Controls Framework by Organization. Corrective actions related to identified deficiencies are tracked to resolution.

Theme

Process

Type

Detective

Policy/Standard

Risk Management Standard

>Implementation Guidance

1. Ensure that a process is defined and documented for the continuous monitoring of internal controls against the common controls framework. 2. Ensure any gaps identified are remediated as per the organization's policy.

>Testing Procedure

1. Validate that a process is defined and documented for the continuous monitoring of internal controls against the common controls framework. 2. For sample gaps validate that they were remediated as per the organization's policy.

>Audit Artifacts

E-RM-07
E-RM-08

>Framework Mappings

Cross-framework mappings provided by Adobe CCF Open Source under Creative Commons License.

ISO 27001
3

9.1
9.3
10.1

ISO 27002:2022
1

5.29

FedRAMP Rev 5
2

CA-05
CA-07

PCI DSS
6

12.3
12.3.1
12.3.2
12.3.3
12.3.4
A3.3.3

HIPAA Security Rule
1

164.308(a)(8)

SOC 2
3

CC2.1
CC4.1
CC4.2

BSI C5
2

COM-02
COM-03

TX-RAMP
2

CA-5
CA-7

Ask AI

Configure your API key to use AI features.