PRI-05.7 ยท Personal Data (PD) Categories

Control Description

Mechanisms exist to define and implement data handling and protection requirements for specific categories of sensitive Personal Data (PD).

Control Question
Assessment question for control validation

Does the organization define and implement data handling and protection requirements for specific categories of sensitive Personal Data (PD)?

Control Weighting
5
Validation Cadence
Annual
NIST CSF Function
Identify
Supply Chain Risk Management (SCRM) Tiers
Applicable SCRM tier levels for this control
Tier 2 - Operational
Core Control Designations
Special designations and baseline inclusions
MAD: PRI-05.7
AI Model: PRI-05.7