GOV-04—Assigned Cybersecurity & Data Protection Responsibilities

Weight: 10

>Control Description

Mechanisms exist to assign one or more qualified individuals with the mission and resources to centrally-manage, coordinate, develop, implement and maintain an enterprise-wide cybersecurity and data protection program.

>Control Description

>Cross-Framework Mappings

NIST SP 800-53 r5

NIST CSF 2.0

ISO 27001:2022

PCI DSS v4.0.1

SOC 2 TSC

NIST AI RMF

EU AI Act

OSFI B-13

Australia ISM

India DPDPA

India SEBI Guidelines

New Zealand HISF

New Zealand HISF Suppliers

EU AI Act (Detailed)

EU DORA

UK CAF

UK DEF STAN 05-138

SOC 2 TSC (Detailed)

IMO Maritime Cyber Risk

ISO 27001:2022 (Detailed)

ISO 27002:2022

ISO 27701

ISO 42001:2023 (Detailed)

NAIC Model Law 668

NIST SP 800-161

NIST SP 800-218 SSDF

TISAX

CISA CPG

CMMC 2.0 Level 1

FCA CRM

GLBA (16 CFR 314)

HIPAA Simplification 2013

NERC CIP

SEC Cybersecurity Rule

Nevada Regulation 5

NY DFS 23 NYCRR 500

Ask AI