GOV-15—Operationalizing Cybersecurity & Data Protection Practices
Weight: 9
>Control Description
Mechanisms exist to compel data and/or process owners to operationalize cybersecurity and data protection practices for each Technology Asset, Application and/or Service (TAAS) under their control.
>Cross-Framework Mappings
NIST AI RMF
EU AI Act
Canada ITSP 10.171
New Zealand HISF
EU AI Act (Detailed)
EU DORA
Spain ENS
SOC 2 TSC (Detailed)
NIST SP 800-171 Rev 3
NIST SP 800-171A Rev 3
45 CFR 155.260
CMMC 2.0 Level 1
FCA CRM
HIPAA Simplification 2013
SEC Cybersecurity Rule
Ask AI
Configure your API key to use AI features.