ID.IM-01—Improvements are identified from evaluations
>Control Description
This improvement subcategory ensures that improvements are identified from evaluations. Key activities include: Perform self-assessments of critical services that take current threats and TTPs into consideration; Invest in third-party assessments or independent audits of the effectiveness of the organization’s cybersecurity program to identify areas that nee...; Constantly evaluate compliance with selected cybersecurity requirements through automated means.
>Cross-Framework Mappings
NIST SP 800-53 r5
via NIST CSF 2.0 Concept CrosswalkAC-01
CompareAT-01
CompareAU-01
CompareCA-01
CompareCA-02
CompareCA-05
CompareCA-07
CompareCA-08
CompareCM-01
CompareCP-01
CompareCP-02
CompareIA-01
CompareIR-01
CompareIR-04
CompareIR-08
CompareMA-01
CompareMP-01
ComparePE-01
ComparePL-01
ComparePL-02
ComparePM-01
ComparePS-01
ComparePT-01
CompareRA-01
CompareRA-03
CompareRA-05
CompareRA-07
CompareSA-01
CompareSA-08
CompareSA-11
CompareSA-17(06)
CompareSC-01
CompareSI-01
CompareSI-02
CompareSI-04
CompareSR-01
CompareSR-05
CompareISO 27001:2022
via NIST OLIR Catalog>Informative References
Official NIST mappings to external frameworks and standards. Source: NIST CSF 2.0
CCMv4.0
A&A-02
A&A-03
A&A-04
A&A-05
CEK-09
SEF-04
SEF-05
STA-06
+2 more
CRI Profile v2.0
ID.IM-01
ID.IM-01.01
ID.IM-01.02
ID.IM-01.03
ID.IM-01.04
ID.IM-01.05
ISO/IEC 27001:2022
Mandatory Clause: 9.2
Mandatory Clause: 10.1
Mandatory Clause: 10.2
Annex A Controls: 5.35
NICE Framework
DD-WRL-004
DD-WRL-006
DD-WRL-007
DD-WRL-008
OG-WRL-016
PD-WRL-003
PCI DSS
12.4.2
12.4.2.1
12.3.1
12.3.4
SCF
CPL-03
CPL-03.2
IAO-02
IAO-05
TDA-09
TDA-09.1
TPM-04.1
TPM-08
SP 800-171 Rev 3
03.06.01
03.06.05
03.11.01
03.11.02
03.11.04
03.12.01
03.12.02
03.12.03
+6 more
SP 800-53 Rev 5.1.1
AC-01
AT-01
AU-01
CA-01
CM-01
CP-01
IA-01
IR-01
+29 more
SP 800-53 Rev 5.2.0
AC-01
AT-01
AU-01
CA-01
CM-01
CP-01
IA-01
IR-01
+29 more
SP-800-37 Rev 2
RMF Prepare Step (Organization & Mission/Business Levels): TASK P-2 Risk Management Strategy
RMF Prepare Step (Organization & Mission/Business Levels): TASK P-3 Risk Assessment—Organization
RMF Prepare Step (Organization & Mission/Business Levels): TASK P-7 Continuous Monitoring Strategy—O
RMF Prepare Step (System Level): TASK P-14 Risk Assessment—System
RMF Assess Step: TASK A-3 Control Assessments
RMF Assess Step: TASK A-4 Assessment Reports
RMF Assess Step: TASK A-5 Remediation Actions
RMF Assess Step: TASK A-6 Plan of Action and Milestones
+1 more
Ask AI
Configure your API key to use AI features.