CPL-03—Cybersecurity & Data Protection Assessments

Weight: 10

>Control Description

Mechanisms exist to regularly review processes and documented procedures to ensure conformity with the organization's cybersecurity and data protection policies, standards and other applicable requirements.

>Control Description

>Cross-Framework Mappings

NIST SP 800-53 r5

NIST CSF 2.0

ISO 27001:2022

PCI DSS v4.0.1

SOC 2 TSC

CMMC v2.0

NIST SP 800-171

NIST AI RMF

Canada ITSP 10.171

India SEBI Guidelines

Spain ENS

SOC 2 TSC (Detailed)

GovRAMP

IMO Maritime Cyber Risk

ISO 27001:2022 (Detailed)

ISO 27002:2022

NAIC Model Law 668

NIST SP 800-161

NIST SP 800-171 Rev 3

NIST SP 800-171A Rev 3

NIST SP 800-172

TISAX

Data Privacy Management Principles

DoD Zero Trust Roadmap

GLBA (16 CFR 314)

HIPAA Simplification 2013

Nevada Regulation 5

NY DFS 23 NYCRR 500

Ask AI