>myctrl.tools
Preferences
Under active development Content is continuously updated and improved
Compare

5.260.5(b)5.260.5(b)

>Control Description

At least annually, have its internal auditor or other independent entity with expertise in the field of cybersecurity perform and document observations, examinations, and inquiries of employees to verify the covered entity is following the cybersecurity best practices and procedures developed pursuant to subsection 3. A covered entity shall retain all documents prepared by the internal auditor pursuant to this paragraph in accordance with the requirements set forth in subsection 6. The same independent entity utilized under this paragraph may be utilized to perform the procedures set forth in paragraph (c) provided the procedures in this paragraph are performed by different employees.

>Cross-Framework Mappings

SCF

CPL-02.1
Compare
CPL-02.2
Compare
DCH-18
Compare

Ask AI

Configure your API key to use AI features.