graphgrc

SCF - CPL-03.2 - Functional Review Of Cybersecurity & Data Protection Controls

Mechanisms exist to regularly review technology assets for adherence to the organization’s cybersecurity & data protection policies and standards.

Mapped framework controls

ISO 27002

• A.5.35
• A.5.36
• A.8.8

NIST 800-53

• CA-2
• RA-3

SOC 2

• CC4.1

Control questions

Does the organization regularly review technology assets for adherence to the organization’s cybersecurity & data protection policies and standards?

This site is open source. Improve this page.