Policy Mapping - Map Regulations and Standards to your Policy for Gap Analysis and Compliance

Modified on Thu, 20 Jul, 2023 at 3:41 PM

Introduction

 

You can ensure your policies meet any regulatory or standard security certification (SOC2, ISO, PCI, HIPAA, etc.)   requirements by mapping controls to your policy. You also have the option to map Internal Controls to policies, however, internal controls that are already mapped to control requirements will auto-populate in the record. Once controls are mapped, you can see your policy connection in the control library for the purpose of gap analysis or print out your policy and see your control references. 


NOTE: C1Risk recommends using the Internal Controls mapping option. This option automatically links any regulatory or standard references that are linked to internal controls. This creates a more efficient process for compliance and gap analysis. LINK HERE

 

Mapping Control Library (Regulations and Standard Requirements)

 

  1. From your policy record main page, look for the Control Library Field and click on the magnifying glass to access your control library. NOTE: your policy must be in draft (open), or revision status. 


 

  1. Your Control Library will appear. Use the filters and keyword search to select the requirement(s) (obligation) and controls you wish to map.
  2. Select the controls using the checkbox (Use SHIFT+rightclick to select multiple controls).
  3. Click ‘Apply”


 

 

  1. Now your controls are mapped, and any connected internal controls will also be mapped to your policy.
  2. This can be viewed in the policy record and/or in the control library list view and in the specific control.
  3. Note in the policy record, filters are available to search for specific regulations and controls. 

Policy record/Control Library Tab


 

Policy record/Internal Controls Tab


Control Library List View


Control Library/Control Record



Was this article helpful?

That’s Great!

Thank you for your feedback

Sorry! We couldn't be helpful

Thank you for your feedback

Let us know how can we improve this article!

Select at least one of the reasons

Feedback sent

We appreciate your effort and will try to fix the article