The Compliance Controls and Mapping Database v2.0!
This version of the controls and mappings database is a significant improvement over the previous version. The database now includes a mesh of mappings from different trusted sources. For example, HiTrust v8 was the basis for a number of the primary control mappings. In addition to the Hitrust mappings, a number of additional mappings from various trusted sources (e.g., NIST) have also been included.
This MS Access database contains the following:
- Security controls, implementation guidance, and mappings for:
- NIST 800-53 r4,
- FedRAMP,
- PCI DSS v3.x,
- HIPAA,
- ISO 27001:2013,
- AICPA SOC2/SOC3
- Hitrust
- CIS Sans Top 20
- CJIS
- Cyber Security Framework
- (more will be added)
Disclaimer
IN NO EVENT SHALL NIGHTLION SECURITY BE LIABLE TO ANY PARTY FOR DIRECT, INDIRECT, SPECIAL, INCIDENTAL, OR CONSEQUENTIAL DAMAGES, INCLUDING LOST PROFITS, ARISING OUT OF THE USE OF THIS SOFTWARE AND ITS DOCUMENTATION, EVEN IF NIGHTLION SECURITY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
NIGHTLION SECURITY SPECIFICALLY DISCLAIMS ANY WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE SOFTWARE AND ACCOMPANYING DOCUMENTATION, IF ANY, PROVIDED HEREUNDER IS PROVIDED “AS IS”. NIGHTLION SECURITY HAS NO OBLIGATION TO PROVIDE MAINTENANCE, SUPPORT, UPDATES, ENHANCEMENTS, OR MODIFICATIONS.
Access the Database
**UPDATE**
The latest version of the security controls mapping tool is now available on SecurityCheckbox.com.
