Under active development — Content is continuously updated and improved

CPL-01—Statutory, Regulatory & Contractual Compliance

Weight: 10

>Control Description

Mechanisms exist to facilitate the identification and implementation of relevant statutory, regulatory and contractual controls.

>Cross-Framework Mappings

NIST SP 800-53 r5

NIST CSF 2.0

ISO 27001:2022

PCI DSS v4.0.1

SOC 2 TSC

NIST SP 800-171

FedRAMP Rev 5

NIST AI RMF

EU AI Act

Canada ITSP 10.171

OSFI B-13

Australia ISM

China Cybersecurity Law

India DPDPA

India SEBI Guidelines

New Zealand HISF

New Zealand HISF Suppliers

EU AI Act (Detailed)

Article 17.1(a)

EU DORA

Saudi Arabia IoT Guidelines

Saudi Arabia PDPL

Spain ENS

UK DEF STAN 05-138

SOC 2 TSC (Detailed)

GovRAMP

IMO Maritime Cyber Risk

ISO 27001:2022 (Detailed)

ISO 27002:2022

ISO 27701

ISO 29100

ISO 42001:2023 (Detailed)

NIST SP 800-161

NIST SP 800-171 Rev 3

NIST SP 800-218 SSDF

NIST AI 600-1

TISAX

Data Privacy Management Principles

FBI CJIS

US Data Privacy Framework

DHS TIC 3.0

DoD Zero Trust Roadmap

FCA CRM

609.930(c)(1)(ii)

GLBA (16 CFR 314)

HIPAA Simplification 2013

§ 164.306(d)(1)

§ 164.306(d)(2)

§ 164.314(a)(1)

§ 164.314(a)(2)(ii)

§ 164.504(g)(1)

§ 164.530(i)(1)

NERC CIP

CIP-003-8 1.1.9

CIP-003-8 1.2.6

Oregon CPA

Section 7(1)(b)

Texas CDPA

Virginia CDPA

Ask AI

Configure your API key to use AI features.