>myctrl.tools
Preferences
Under active development Content is continuously updated and improved
Compare

RSK-02Risk-Based Security Categorization

Weight: 9

>Control Description

Mechanisms exist to categorize Technology Assets, Applications, Services and/or Data (TAASD) in accordance with applicable laws, regulations and contractual obligations that: (1) Document the security categorization results (including supporting rationale) in the security plan for systems; and (2) Ensure the security categorization decision is reviewed and approved by the asset owner.

>Cross-Framework Mappings

NIST SP 800-53 r5

RA-2
Compare

NIST CSF 2.0

ID.AM

ISO 27001:2022

6.1.2(d)(3)
Compare

PCI DSS v4.0.1

9.4.2
Compare

CIS Controls v8

16.6
Compare

SOC 2 TSC

CC3.2
Compare

FedRAMP Rev 5

RA-2
Compare

Canada ITSP 10.171

03.11.01.A
Compare

SOC 2 TSC (Detailed)

CC3.2
Compare

CIS Controls v8.1 (Detailed)

16.6
Compare

GovRAMP

RA-02
Compare

ISO 27001:2022 (Detailed)

6.1.2(d)(3)
Compare

ISO 27701

6.1.2(e)(2)
Compare

NIST SP 800-161

RA-2
Compare

NIST SP 800-171 Rev 3

03.11.01.a
Compare

HIPAA Simplification 2013

§ 164.306(b)(2)(iv)
Compare

SEC Cybersecurity Rule

17 CFR 229.105(a)
Compare
17 CFR 229.105(b)
Compare

NY DFS 23 NYCRR 500

500.9(b)(3)
Compare

Ask AI

Configure your API key to use AI features.