Manage your security control frameworks
| Control ID | Title | Domain | Status | Maturity | Effectiveness | Owner | Evidence | |
|---|---|---|---|---|---|---|---|---|
| A.5.1 | Policies for information security | Organisational | Implemented | 4/5 | CISO | 3 | ||
| A.5.15 | Access control | Organisational | Implemented | 4/5 | IT Ops | 5 | ||
| A.5.23 | Information security for use of cloud services | Organisational | Implemented | 3/5 | CTO | 2 | ||
| A.6.1 | Screening | People | Implemented | 3/5 | HR Dept | 4 | ||
| A.6.3 | Information security awareness, education and training | People | Partial | 2/5 | HR Dept | 1 | ||
| A.7.1 | Physical security perimeters | Physical | Implemented | 4/5 | Facilities | 2 | ||
| A.7.4 | Physical security monitoring | Physical | Partial | 2/5 | Facilities | 1 | ||
| A.8.2 | Privileged access rights | Technological | Implemented | 4/5 | IT Ops | 4 | ||
| A.8.8 | Management of technical vulnerabilities | Technological | Partial | 2/5 | Dev Lead | 2 | ||
| A.8.15 | Logging | Technological | Implemented | 3/5 | IT Ops | 3 | ||
| A.8.23 | Web filtering | Technological | Not Implemented | 0/5 | Unassigned | 0 | ||
| A.8.28 | Secure coding | Technological | Planned | 1/5 | Dev Lead | 0 |