cpl-02-cybersecurity&dataprotectioncontrolsoversight.md

SCF - CPL-02 - Cybersecurity & Data Protection Controls Oversight

Mechanisms exist to provide a cybersecurity & data protection controls oversight function that reports to the organization's executive leadership.

Mapped framework controls

GDPR

• Art 5.2

ISO 27001

• 10.1
• 8.1

ISO 27002

• A.5.31
• A.5.36
• A.6.8
• A.8.34
• A.8.8

NIST 800-53

• CA-7(1)
• CA-7

SOC 2

• CC1.1
• CC2.2
• CC2.3

Control questions

Does the organization provide a cybersecurity & data protection controls oversight function that reports to the organization's executive leadership?