CPL-01.1 · Non-Compliance Oversight

Control Description

Mechanisms exist to document and review instances of non-compliance with statutory, regulatory and/or contractual obligations to develop appropriate risk mitigation actions.

Control Question
Assessment question for control validation

Does the organization document and review instances of non-compliance with statutory, regulatory and/or contractual obligations to develop appropriate risk mitigation actions?

Control Weighting
9
Validation Cadence
Semi-Annual
NIST CSF Function
Respond
Supply Chain Risk Management (SCRM) Tiers
Applicable SCRM tier levels for this control
Tier 2 - Operational
Core Control Designations
Special designations and baseline inclusions
MAD: CPL-01.1
ESP Level 2: CPL-01.1
ESP Level 3: CPL-01.1
AI Model: CPL-01.1
Additional Metadata
Applicability (Process):
x