>myctrl.tools
Preferences
Under active development Content is continuously updated and improved
Compare

IAO-02Assessments

Weight: 10

>Control Description

Mechanisms exist to formally assess the cybersecurity and data protection controls in Technology Assets, Applications and/or Services (TAAS) through Information Assurance Program (IAP) activities to determine the extent to which the controls are implemented correctly, operating as intended and producing the desired outcome with respect to meeting expected requirements.

>Cross-Framework Mappings

NIST SP 800-53 r5

CA-2
Compare

NIST CSF 2.0

ID.IM-01
Compare
ID.IM-02
Compare
ID.RA-01
Compare

SOC 2 TSC

CC4.1
Compare
CC6.1
Compare

CMMC v2.0

CA.L2-3.12.1
Compare

NIST SP 800-171

3.12.1
Compare

FedRAMP Rev 5

CA-2
Compare

NIST AI RMF

MEASURE-2.0

EU AI Act

Art. 9(8)
Compare

Canada ITSP 10.171

03.12.01
Compare

OSFI B-13

2.4.4
Compare

Australia ISM

ISM-0100
Compare

China Cybersecurity Law

Article 35
Compare

India SEBI Guidelines

PR.AA.S16
Compare

New Zealand HISF

HSUP59
Compare
HHSP68
Compare
HML67
Compare

New Zealand HISF Suppliers

HSUP59
Compare

EU AI Act (Detailed)

Article 9.8
Compare

Saudi Arabia IoT Guidelines

2-15-2
Compare
4-1-5
Compare
4-2-3
Compare
4-2-4
Compare

UK DEF STAN 05-138

1205.0
Compare

SOC 2 TSC (Detailed)

CC4.1
Compare
CC4.1-POF8
Compare
CC6.1-POF2
Compare

GovRAMP

CA-02
Compare

ISO 27002:2022

5.21
Compare
5.23
Compare
8.29
Compare

ISO 42001:2023 (Detailed)

A.6.2.5
Compare

NIST SP 800-161

CA-2
Compare

NIST SP 800-171 Rev 3

03.12.01
Compare

TISAX

5.3.1
Compare

CISA CPG

1.F
Compare
2.Q
Compare

HIPAA Simplification 2013

§ 164.308(a)(8)
Compare

Ask AI

Configure your API key to use AI features.