>myctrl.tools
Preferences
Under active development Content is continuously updated and improved
Compare

Article 28.3Article 28.3

>Control Description

The security measures referenced in Annex II may be replaced by other compensatory measures, as long as it is documented that they protect, equally or better, from the risk on assets (Annex I) and the basic principles and minimum requirements are satisfied. provided for in chapters II and III. As an integral part of the Declaration of Applicability, the correspondence between the compensatory measures implemented and the measures in Annex II that compensate will be indicated in detail. The set will be subject to formal approval by the person responsible for security. A CCN-STIC Guide of those provided for in the second additional provision will guide the selection of said measures, as well as their registration and inclusion in the Declaration of Applicability.

>Cross-Framework Mappings

SCF

GOV-15.1
Compare

Ask AI

Configure your API key to use AI features.