Open iMichaela opened 1 year ago
A mapping-record
assembly which allows documenting a particular mapping relation for a control-implementation/implemented-requirements/by-components
or control-implementation/implemented-requirements/statements/by-components
needs to be researched and added to the SSP model and potentially to CDef model as well.
Problem Statement
The mapping of controls or statements of controls is needed in the SSP and possibly Component Definition so the results of the assessment against one regulatory framework can be used to automatically infer the compliance status against other mapped frameworks.
For each control satisfaction, by-component, a
mapping-record
assembly is needed to document: