graphgrc

SCF - GOV-03 - Periodic Review & Update of Cybersecurity & Data Protection Program

Mechanisms exist to review the cybersecurity & data privacy program, including policies, standards and procedures, at planned intervals or if significant changes occur to ensure their continuing suitability, adequacy and effectiveness.

Mapped framework controls

GDPR

• Art 32.1
• Art 32.2
• Art 32.3
• Art 32.4

ISO 27001

• 7.5.2.a
• 7.5.2.b
• 7.5.2.c
• 7.5.2

ISO 27002

• A.5.1
• A.5.37

SOC 2

• CC5.3

Control questions

Does the organization review the cybersecurity & data privacy program, including policies, standards and procedures, at planned intervals or if significant changes occur to ensure their continuing suitability, adequacy and effectiveness?

This site is open source. Improve this page.