>myctrl.tools
Preferences
Under active development Content is continuously updated and improved
Compare

ID.IM-02Improvements are identified from security tests and exercises, including those done in coordination with suppliers and relevant third parties

>Control Description

This improvement subcategory ensures that improvements are identified from security tests and exercises, including those done in coordination with suppliers and relevant third parties. Key activities include: Identify improvements for future incident response activities based on findings from incident response assessments (e; Identify improvements for future business continuity, disaster recovery, and incident response activities based on exercises performed in coordinat...; Involve internal stakeholders (e.

>Cross-Framework Mappings

NIST SP 800-53 r5

via NIST CSF 2.0 Concept Crosswalk
AC-01
Compare
AT-01
Compare
AU-01
Compare
CA-01
Compare
CA-02
Compare
CA-05
Compare
CA-07
Compare
CA-08
Compare
CM-01
Compare
CP-01
Compare
CP-02
Compare
CP-04
Compare
IA-01
Compare
IR-01
Compare
IR-03
Compare
IR-04
Compare
IR-08
Compare
MA-01
Compare
MP-01
Compare
PE-01
Compare
PL-01
Compare
PL-02
Compare
PM-01
Compare
PM-04
Compare
PM-31
Compare
PS-01
Compare
PT-01
Compare
RA-01
Compare
RA-03
Compare
RA-05
Compare
RA-07
Compare
SA-01
Compare
SA-08
Compare
SA-11
Compare
SC-01
Compare
SI-01
Compare
SI-02
Compare
SI-04
Compare
SR-01
Compare
SR-05
Compare

PCI DSS v4.0.1

via NIST OLIR Catalog
11.4.4
Compare
12.10.2
Compare
12.10.6
Compare
12.8.4
Compare

ISO 27001:2022

via NIST OLIR Catalog
5.19
Compare
5.35
Compare

SOC 2 TSC

CC4.1
Compare

CIS Controls v8

17.7
Compare

SCF

BCD-05
Compare
CPL-03
Compare
CPL-03.2
Compare
IAO-02
Compare
IAO-02.4
Compare
IAO-05
Compare
IRO-13
Compare
TDA-09
Compare
TDA-09.1
Compare
TPM-04.1
Compare
TPM-08
Compare

>Informative References

Official NIST mappings to external frameworks and standards. Source: NIST CSF 2.0

CCMv4.0

BCR-06
BCR-07
BCR-10
SEF-01
SEF-03
SEF-04
SEF-05
STA-14
+2 more

CIS Controls v8.0

17.7

CIS Controls v8.1

17.7

CRI Profile v2.0

ID.IM-02
ID.IM-02.01
ID.IM-02.02
ID.IM-02.03
ID.IM-02.04
ID.IM-02.05
ID.IM-02.06
ID.IM-02.07
+2 more

CSF v1.1

ID.SC-5
PR.IP-10
DE.DP-3

CoP

D2

ISO/IEC 27001:2022

Mandatory Clause: 9.2
Mandatory Clause: 9.3
Mandatory Clause: 10.1
Mandatory Clause: 10.2
Annex A Controls: 5.19
Annex A Controls: 5.35

NICE Framework

DD-WRL-004
DD-WRL-006
DD-WRL-007
OG-WRL-009
OG-WRL-016
PD-WRL-003

PCI DSS

12.10.2
12.10.6
11.4.4
12.8.4

SCF

BCD-05
CPL-03
CPL-03.2
IAO-02
IAO-05
IRO-13
TDA-09
TDA-09.1
+2 more

SP 800-171 Rev 3

03.06.01
03.06.03
03.06.05
03.11.01
03.11.02
03.11.04
03.12.01
03.12.02
+7 more

SP 800-221A

GV.CT-3

SP 800-53 Rev 5.1.1

AC-01
AT-01
AU-01
CA-01
CM-01
CP-01
IA-01
IR-01
+32 more

SP 800-53 Rev 5.2.0

AC-01
AT-01
AU-01
CA-01
CM-01
CP-01
IA-01
IR-01
+32 more

SP-800-37 Rev 2

RMF Prepare Step (Organization & Mission/Business Levels): TASK P-2 Risk Management Strategy
RMF Prepare Step (Organization & Mission/Business Levels): TASK P-3 Risk Assessment—Organization
RMF Prepare Step (Organization & Mission/Business Levels): TASK P-7 Continuous Monitoring Strategy—O
RMF Prepare Step (System Level): TASK P-14 Risk Assessment—System
RMF Assess Step: TASK A-3 Control Assessments
RMF Assess Step: TASK A-4 Assessment Reports
RMF Assess Step: TASK A-5 Remediation Actions
RMF Assess Step: TASK A-6 Plan of Action and Milestones
+1 more

Ask AI

Configure your API key to use AI features.