>myctrl.tools
Preferences
Under active development Content is continuously updated and improved
Compare

SG-16Enterprise Data Catalog

>Control Description

Organization maintains an enterprise data catalog that encompasses key organizational data, environment metadata, and product information to facilitate continuous monitoring of the internal control environment. The enterprise data catalog is updated as part of the continuous monitoring process and upon the introduction of new service offerings and acquisitions.

Theme

Process

Type

Preventive

Policy/Standard

Information Security Management Standard

>Implementation Guidance

1. Ensure there is a documented enterprise data catalogue which consists of details that include but not limited to: key organizational data, environment metadata, and product information to facilitate continuous monitoring of the internal control environment. 2. Ensure that the documented enterprise data catalogue is reviewed and updated annually or as in when required.

>Testing Procedure

1. Inspect the Enterprise Data Catalog to determine that it includes key organizational data, environment metadata, and product information to facilitate continuous monitoring of the internal control environment. 2. Inspect that the data catalog is reviewed and updated periodically and further, upon the introduction of new service offerings and acquisitions.

>Audit Artifacts

E-SG-16

>Framework Mappings

Cross-framework mappings provided by Adobe CCF Open Source under Creative Commons License.

CIS Controls
1

3.2

Ask AI

Configure your API key to use AI features.