Essential Cybersecurity Controls (ECC – 2 : 2024) - Cybersecurity Policies And Procedures; Documentation and Requirements

email
facebook
twitter
reddit

Essential Cybersecurity Controls (ECC – 2 : 2024) - 1-3-1

Cybersecurity Policies And Procedures Must Be Defined And Documented By The Cybersecurity Function, Approved By The Authorizing Official, And Disseminated To Relevant Parties Inside And Outside The Organization.

View Requirement

Essential Cybersecurity Controls (ECC – 2 : 2024) - 1-3-2

The Cybersecurity Function Must Ensure That The Cybersecurity Policies And Procedures Are Implemented.

View Requirement

Essential Cybersecurity Controls (ECC – 2 : 2024) - 1-3-3

The Cybersecurity Policies And Procedures Must Be Supported By Technical Security Standards (e.g., Operating Systems, Databases And Firewall Technical Security Standards).

View Requirement

Essential Cybersecurity Controls (ECC – 2 : 2024) - 1-3-4

The Cybersecurity Policies And Procedures Must Be Reviewed Periodically According To Planned Intervals Or Upon Changes To Related Laws And Regulations. Changes And Reviews Must Be Approved And Documented.

View Requirement

NIST SP 800-171 & CMMC Compliance

HIPAA Compliance

FAR 52.204-21 Compliance

ISO 27001 Compliance

Essential Cybersecurity Controls (ECC – 2 : 2024) - 1-3-1

Essential Cybersecurity Controls (ECC – 2 : 2024) - 1-3-2

Essential Cybersecurity Controls (ECC – 2 : 2024) - 1-3-3

Essential Cybersecurity Controls (ECC – 2 : 2024) - 1-3-4