CPL-02.3 ยท Corrective Action

Control Description

Mechanisms exist to take corrective action to remediate instances of non-conformity with applicable statutory, regulatory, and/or contractual compliance obligations.

Control Question
Assessment question for control validation

Does the organization take corrective action to remediate instances of non-conformity with applicable statutory, regulatory, and/or contractual compliance obligations?

Control Weighting
7
Validation Cadence
Semi-Annual
NIST CSF Function
Govern
Supply Chain Risk Management (SCRM) Tiers
Applicable SCRM tier levels for this control
Tier 3 - Tactical
Core Control Designations
Special designations and baseline inclusions
MAD: CPL-02.3
AI Model: CPL-02.3
Additional Metadata
Applicability (Process):
x