graphgrc

SCF - AST-04 - Network Diagrams & Data Flow Diagrams (DFDs)

Mechanisms exist to maintain network architecture diagrams that:

• Contain sufficient detail to assess the security of the network’s architecture;
• Reflect the current architecture of the network environment; and
• Document all sensitive/regulated data flows.

  Mapped framework controls

  GDPR

• Art 30.1
• Art 30.2
• Art 30.3
• Art 30.4
• Art 30.5

ISO 27002

• A.5.9
• A.8.20

NIST 800-53

• PL-2
• SA-4(1)
• SA-4(2)

SOC 2

• CC2.1

Control questions

Does the organization maintain network architecture diagrams that:

• Contain sufficient detail to assess the security of the network’s architecture;
• Reflect the current architecture of the network environment; and
• Document all sensitive/regulated data flows?

This site is open source. Improve this page.