>myctrl.tools
Preferences
Under active development Content is continuously updated and improved
Compare

TPM-05.6First-Party Declaration (1PD)

Weight: 7

>Control Description

Mechanisms exist to obtain a First-Party Declaration(1PD) from applicable External Service Providers (ESPs) that provides assurance of compliance with specified statutory, regulatory and contractual obligations for cybersecurity and data protection controls, including any flow-down requirements to subcontractors.

>Cross-Framework Mappings

NIST CSF 2.0

GV.SC-06
Compare

SOC 2 TSC

CC3.2
Compare
CC9.2
Compare

Canada ITSP 10.171

03.01.20.C.01
Compare
03.16.03.C
Compare

India SEBI Guidelines

PR.IP.S5
Compare

Saudi Arabia IoT Guidelines

4-1-2
Compare

SOC 2 TSC (Detailed)

CC3.2-POF8
Compare
CC9.2-POF9
Compare
CC9.2-POF10
Compare
CC9.2-POF11
Compare
CC9.2-POF12
Compare

NIST SP 800-171 Rev 3

03.01.20.c.01
Compare
03.16.03.c
Compare

NIST SP 800-171A Rev 3

A.03.16.03.c
Compare

TISAX

8.2.2
Compare

HIPAA Simplification 2013

§ 164.308(b)(2)
Compare
§ 164.502(e)(1)(i)
Compare
§ 164.502(e)(1)(ii)
Compare

NY DFS 23 NYCRR 500

500.4(b)(1)
Compare
500.4(b)(2)
Compare
500.4(b)(3)
Compare
500.4(b)(4)
Compare
500.4(b)(5)
Compare
500.11(a)(3)
Compare
500.11(b)(4)
Compare

Ask AI

Configure your API key to use AI features.