DCH-05.6 ยท Data Subject Attribute Associations

Control Description

Mechanisms exist to require personnel to associate and maintain the association of cybersecurity and data protection attributes with individuals and objects in accordance with cybersecurity and data protection policies.

Control Question
Assessment question for control validation

Does the organization require personnel to associate and maintain the association of cybersecurity and data protection attributes with individuals and objects in accordance with cybersecurity and data protection policies?

Control Weighting
2
Validation Cadence
Annual
NIST CSF Function
Protect
Supply Chain Risk Management (SCRM) Tiers
Applicable SCRM tier levels for this control
Tier 3 - Tactical
Additional Metadata
Applicability (Process):
x
Errata & Additional Notes

- wordsmithed control