AAC-02: Independent Audits

Control Family:

CSF v1.1 References:

PR.IP-7
PR.IP-8
PR.PT-1
DE.DP-3
RS.MI-3

PF v1.0 References:

CT.DM-P8
PR.PO-P5
PR.PO-P6

Control Statement

Independent reviews and assessments shall be performed at least annually to ensure that the organization addresses nonconformities of established policies, standards, procedures, and compliance obligations.

Control Statement

Related Controls

NIST Special Publication 800-53 Revision 5

NIST Special Publication 800-53 Revision 4