graphgrc

SCF - CHG-02.3 - Cybersecurity & Data Privacy Representative for Asset Lifecycle Changes

Mechanisms exist to include a cybersecurity and/or data privacy representative in the configuration change control review process.

Mapped framework controls

NIST 800-53

• CM-3(4)

SOC 2

• CC3.4

Control questions

Does the organization include a cybersecurity and/or data privacy representative in the configuration change control review process?

This site is open source. Improve this page.