IAO-02.2—Specialized Assessments
Weight: 9
>Control Description
Mechanisms exist to conduct specialized assessments for:
(1) Statutory, regulatory and contractual compliance obligations;
(2) Monitoring capabilities;
(3) Mobile devices;
(4) Databases;
(5) Application security;
(6) Embedded technologies (e.g., IoT, OT, etc.);
(7) Vulnerability management;
(8) Malicious code;
(9) Insider threats;
(10) Performance/load testing; and/or
(11) Artificial Intelligence and Autonomous Technologies (AAT).
>Cross-Framework Mappings
NIST AI RMF
SOC 2 TSC (Detailed)
Ask AI
Configure your API key to use AI features.