Mapping a Control

Estimated reading: 4 minutes 19 views

Why do I need to map a control?

Mapping a control in TrustOps is easy. TrustCloud’s common controls framework maps a comprehensive set of certified standards controls to your custom controls. But overall, mapping controls to compliance standards is imperative for organizations seeking to ensure the integrity, security, and legality of their operations. Compliance standards, such as SOC 2, GDPR, HIPAA, and PCI DSS, serve as crucial frameworks that define industry-specific security measures. Aligning internal controls with these standards helps organizations adhere to legal requirements, mitigates risks associated with information security, and builds stakeholder trust.

TrustCloud provides you with a comprehensive set of controls to get certified against several out-of-the-box standards. TrustCloud’s common controls framework maps these for you, but these mappings can change over time, so to resolve this, TrustOps enables you to remap TCCF and custom controls as part of the editing process.

By mapping controls in TrustOps, companies can establish a standardized approach to security, creating a foundation for continuous improvement and demonstrating a commitment to best practices. This process not only safeguards against legal consequences and penalties but also fosters a culture of vigilance, allowing organizations to proactively address emerging threats and maintain the highest standards of data protection.

In TrustOps, mapping controls to compliance standards is vital for harmonizing security practices with industry regulations. This ensures adherence to legal requirements, bolsters stakeholder trust, and facilitates a unified approach to information security. By aligning with compliance standards, TrustOps organizations enhance their risk management, streamline operations, and fortify their commitment to maintaining the highest standards of trust and security.
Ultimately, mapping controls to compliance standards in TrustOps can be a strategic imperative for organizations aiming to navigate the complex landscape of information security while meeting regulatory expectations.

How do I find the mapping?

From Main Controls List

Navigate to the controls section in your TrustOps program.
To view a control mapping, click on the “Show Mapping to” drop-down menu in the top left corner of the table. This creates a filter to show you the controls specific to each standard.
The following screenshot shows a filter “Show mapping to” drop-down menu.

From a Control’s details page

To view specific control standard mappings,

Click on any control from the controls list.
Go to tab “Standards”.
The following screenshot shows the standards mapped in your program.
The “Standards” tab also shows the standards that are not mapped to that particular control in your program.
The following screenshot shows the standards mapped to this control that are not in your program.

From Audit Dashboard

Control mapping can also be viewed on the audit dashboard in TrustOps.

Go to “Audits”.
Click on “Overview”.
Select any standard and click on “View Details” button in front of it.
The following screenshot shows the control mapping for SOC 2 standard.

Edit Control Mapping

Go to “Controls” page.
Select a specific control and click on the three dots in the top-right corner.
Select “Edit Control” and update the standards mapping via the window available.
The following screenshot shows how to edit a control.
Make changes and click on “Update Control” button.
The following screenshot shows how to update a control.

NOTE: We do not recommend you update these mappings during an audit.