Mechanisms exist to provide a cybersecurity and data protection controls oversight function that reports to the organization's executive leadership.
Control Question
Assessment question for control validation
Does the organization provide a cybersecurity and data protection controls oversight function that reports to its executive leadership?
Supply Chain Risk Management (SCRM) Tiers
Applicable SCRM tier levels for this control
Tier 1 - Strategic
Tier 2 - Operational
Tier 3 - Tactical
Core Control Designations
Special designations and baseline inclusions
MAD: CPL-02
ESP Level 1: CPL-02
ESP Level 2: CPL-02
ESP Level 3: CPL-02