prm-01-cybersecurity&dataprivacyportfoliomanagement.md

SCF - PRM-01 - Cybersecurity & Data Privacy Portfolio Management

Mechanisms exist to facilitate the implementation of cybersecurity & data privacy-related resource planning controls that define a viable plan for achieving cybersecurity & data privacy objectives.

Mapped framework controls

GDPR

• Art 32.1
• Art 32.2

ISO 27001

• 5.1.e

ISO 27002

• A.5.4
• A.5.8

NIST 800-53

• PL-1

SOC 2

• CC2.2
• CC3.1
• CC3.4
• CC5.2
• P5.0

Control questions

Does the organization facilitate the implementation of cybersecurity & data privacy-related resource planning controls that define a viable plan for achieving cybersecurity & data privacy objectives?