GOV-04
Assigned Cybersecurity & Data Protection Responsibilities
Description
Mechanisms exist to assign one or more qualified individuals with the mission and resources to centrally-manage, coordinate, develop, implement and maintain an enterprise-wide cybersecurity and data protection program.
Control Question
Does the organization assign one or more qualified individuals with the mission and resources to centrally-manage, coordinate, develop, implement and maintain an enterprise-wide cybersecurity and data protection program?
Control Metadata
Domain:
Cybersecurity & Data Protection Governance
Validation Cadence:
Annual
Evidence Request List:
E-HRS-01 E-HRS-05 E-HRS-06 E-HRS-07 E-HRS-08 E-HRS-09 E-HRS-10 E-HRS-13 E-HRS-15
Framework Mappings
This control maps to the following compliance frameworks
APRA CPS 230
2124
APRA CPS234
1419
MAS TRM
3.1.7(a)3.1.7(b)3.1.7(c)3.1.7(d)3.1.7(e)3.1.7(f)3.1.7(g)3.1.8(a)3.1.8(b)3.1.8(c)3.1.8(d)3.1.8(e)
HKIA GL20
1.11.21.31.41.5