>myctrl.tools
Preferences
Under active development Content is continuously updated and improved
Compare

ID.AM-04Inventories of services provided by suppliers are maintained

>Control Description

This asset management subcategory ensures that inventories of services provided by suppliers are maintained. Key activities include: Inventory all external services used by the organization, including third-party infrastructure-as-a-service (IaaS), platform-as-a-service (PaaS), a...; Update the inventory when a new external service is going to be utilized to ensure adequate cybersecurity risk management monitoring of the organiz....

>Cross-Framework Mappings

NIST SP 800-53 r5

via NIST CSF 2.0 Concept Crosswalk
AC-20
Compare
SA-09
Compare
SR-02
Compare

PCI DSS v4.0.1

via NIST OLIR Catalog
12.8.1
Compare
12.8.3
Compare
12.8.4
Compare
12.8.5
Compare

ISO 27001:2022

via NIST OLIR Catalog
5.22
Compare

CIS Controls v8

15.1
Compare

SCF

TPM-01.1
Compare

>Informative References

Official NIST mappings to external frameworks and standards. Source: NIST CSF 2.0

CCMv4.0

CCC-04
DCS-06
STA-07
UEM-02
UEM-04

CIS Controls v8.0

15.1

CIS Controls v8.1

15.1

CRI Profile v2.0

ID.AM-04
ID.AM-04.01

CSF v1.1

ID.AM-4

ISO/IEC 27001:2022

Mandatory Clause: None
Annex A Controls: 5.22

NICE Framework

DD-WRL-002
IO-WRL-002
IO-WRL-003
IO-WRL-004
IO-WRL-005
OG-WRL-011
OG-WRL-015

PCI DSS

12.8.1
12.8.5
12.8.3
12.8.4

SP 800-171 Rev 3

03.16.03
03.17.01

SP 800-53 Rev 5.1.1

AC-20
SA-09
SR-02

SP 800-53 Rev 5.2.0

AC-20
SA-09
SR-02

SP-800-37 Rev 2

RMF Prepare Step (System Level): TASK P-10 Asset Identification

Ask AI

Configure your API key to use AI features.