All of the control sets offered in our Control Repository are industry-standard frameworks or regulations. Many of these control frameworks are typically managed by stakeholders within the IT Security, Privacy, or Compliance functions in organizations. Content in the Control Repository can be linked to any of your custom Applications or any of LogicGate's Application Templates.
Below are links to each content offering, along with high-level descriptions of each:
- ISO 27001* - standard providing requirements for an information security management system (ISMS) and a framework for managing IT security
- ISO 27002* - collection of information security guidelines intended to help an organization implement, maintain, and improve its information security management (more detailed "control" content related to ISO 27001)
- ISO 27018* - controls for implementing measures to protect Personally Identifiable Information (PII) in the public cloud
- NIST Cybersecurity Framework - voluntary framework consisting of standards, guidelines, and best practices to manage cybersecurity-related risk
- NIST 800-53 - information security controls for federal information systems and organizations
- NIST 800-171 - recommended security requirements for protecting the confidentiality of Controlled Unclassified Information (CUI) in nonfederal systems and organizations
- SOC 2 Trust Services Criteria - requirements for implementing systems to assure the security, availability, processing integrity, confidentiality, and privacy of customer data
- PCI DSS - information security standard for organizations that handle payment cards (e.g., credit cards, debit cards) to protect cardholder data
- CIS Top 20 - cybersecurity best practices for defense against common threats
- 23 NYCRR 500 - cybersecurity regulation affecting entities regulated by the New York State Department of Financial Services
- HIPAA Security Standards (Subpart C) - national standards to protect individuals’ electronic personal health information
- GDPR - regulation to protect the personal data and privacy of EU citizens
- CCPA - statute to enhance privacy rights and consumer protection for residents of the state of California
We can provide mappings between the control sets listed above via the Secure Controls Framework, a comprehensive catalog of controls that maps across various statutory, regulatory, and contractual frameworks.
Coming soon, we will also be able to offer control mappings via the HITRUST CSF for customers who have their own MyCSF license.
Obtaining Control Repository Content
If you're interested in having any of these control sets loaded into your environment, please contact us at firstname.lastname@example.org or chat with us via the in-app messenger.
*Please note that before any ISO content may be loaded into your environment, we will require confirmation that you have a valid license to the content.