Mapping a Control

Estimated reading: 4 minutes 157 views

Why do I need to map a control?

Mapping a control in TrustOps is easy. TrustCloud’s common controls framework maps a comprehensive set of certified standards controls to your custom controls. But overall, mapping controls to compliance standards is imperative for organizations seeking to ensure the integrity, security, and legality of their operations. Compliance standards, such as SOC 2, GDPR, HIPAA, and PCI DSS, serve as crucial frameworks that define industry-specific security measures. Aligning internal controls with these standards helps organizations adhere to legal requirements, mitigates risks associated with information security, and builds stakeholder trust.

TrustCloud provides you with a comprehensive set of controls to get certified against several out-of-the-box standards. TrustCloud’s common controls framework maps these for you, but these mappings can change over time, so to resolve this, TrustOps enables you to remap TCCF and custom controls as part of the editing process.

By mapping controls in TrustOps, companies can establish a standardized approach to security, creating a foundation for continuous improvement and demonstrating a commitment to best practices. This process not only safeguards against legal consequences and penalties but also fosters a culture of vigilance, allowing organizations to proactively address emerging threats and maintain the highest standards of data protection.

In TrustOps, mapping controls to compliance standards is vital for harmonizing security practices with industry regulations. This ensures adherence to legal requirements, bolsters stakeholder trust, and facilitates a unified approach to information security. By aligning with compliance standards, TrustOps organizations enhance their risk management, streamline operations, and fortify their commitment to maintaining the highest standards of trust and security.
Ultimately, mapping controls to compliance standards in TrustOps can be a strategic imperative for organizations aiming to navigate the complex landscape of information security while meeting regulatory expectations.

How do I find the mapping?

From Main Controls List

  1. Navigate to the controls section in your TrustOps program.
  2. To view a control mapping, click on the “Show Mapping to” drop-down menu in the top left corner of the table. This creates a filter to show you the controls specific to each standard.
    The following screenshot shows a filter “Show mapping to” drop-down menu.
    TO Controls Mapping A Control

From a Control’s details page

To view specific control standard mappings,

  1. Click on any control from the controls list.
  2. Go to tab “Standards”.
    The following screenshot shows the standards mapped in your program.
    TO Controls Show Mapping Standards 02
  3. The “Standards” tab also shows the standards that are not mapped to that particular control in your program.
    The following screenshot shows the standards mapped to this control that are not in your program.

    TO Controls Standards Not In Program 03

From Audit Dashboard

Control mapping can also be viewed on the audit dashboard in TrustOps.

  1. Go to “Audits”.
  2. Click on “Overview”.
  3. Select any standard and click on “View Details” button in front of it.
    The following screenshot shows the control mapping for SOC 2 standard.
    TO Controls Show Mapping Standards Audit Dashboard 05

Edit Control Mapping

  1. Go to “Controls” page.
  2. Select a specific control and click on the three dots in the top-right corner.
  3. Select “Edit Control” and update the standards mapping via the window available.
    The following screenshot shows how to edit a control.
    TO Controls Edit Control 06
  4. Make changes and click on “Update Control” button.
    The following screenshot shows how to update a control.
    TO Controls Update Control 07

NOTE: We do not recommend you update these mappings during an audit.

Mapping a Control

  1. Go to “Controls” page.
  2. Select a specific control and click on the three dots in the top-right corner.
  3. Select “Edit Control”.
  4. On edit control page, click on “Edit Standards Mapping”.
    TO Controls Edit Standards MApping 08
  5. Select standard you want to map from the drop-down menu.
    For example, if you select “ISO 27001:2022” standard to map, following screen will apear.
    TO Controls Edit Standards MApping 09
  6. Click on the “Update ISO 27001:2022 Mapping”. This updated mapping will appear in “Standards” tab on control details page.

Join the conversation

ON THIS PAGE
SHARE THIS PAGE

SUBSCRIBE
FlightSchool
OR