TDA-02.7 ยท Cybersecurity & Data Privacy Representatives For Product Changes

Control Description

Mechanisms exist to include appropriate cybersecurity and data privacy representatives in the product feature and/or functionality change control review process.

Control Question
Assessment question for control validation

Does the organization include appropriate cybersecurity and data privacy representatives in the product feature and/or functionality change control review process?

Control Weighting
10
Validation Cadence
Annual
NIST CSF Function
Identify
Supply Chain Risk Management (SCRM) Tiers
Applicable SCRM tier levels for this control
Tier 1 - Strategic
Tier 2 - Operational
Additional Metadata
Applicability (Process):
x