Common Control Library (CCL)
Build Once – Comply Many! A common approach to cyber security
Comply with multiple information security and data privacy frameworks with a single set of comprehensive information security and data privacy controls. Information Shield’s CCL enables compliance with ISO 27002, PCI-DSS, HIPAA/HiTECH, NIST CSF, CMMC or any other framework using a single unified set of controls. All controls are integrated with our Security policy templates, enabling any organization to quickly develop information security policies that are both practical and enforceable.
Why a “common” approach to cyber security?
Many organizations struggle to rationalize the complex requirements of various compliance frameworks such as ISO 27002, PCI-DSS, HIPAA/HiTECH, NIST CSF, CMMC and GDPR. However, most of these frameworks prescribe a common set of information security controls that would apply to any business. We have taken these sometimes vague regulatory requirements and distilled them into a single outline that can be adopted, tracked and verified using standardized audit protocols. The CCL framework is also backed by pre-written information security policies covering every topic.
Time-Tested Complete Information Security Topic Coverage
The Common Control Library (CCL) contains over 1700 pre-written information security policies covering over 200 different information security topics. The CCL is organized in 16 different domains covering essential security topics including:
2. Security Policies and Procedures
3. Information Security Program
4. Asset Management
5. Information Management
6. Personnel Security Management
7. Third Party Security
8. Access Control Security
10. Physical Security Management
11. Operations Security
12. Application Development
13. Incident Response Management
14. IT Business Continuity
15. Security Compliance and Audit
16. Employee & Customer Privacy
The Common Control Library is based on Information Security Policies Made Easy, by Charles Cresson Wood. Our policies, tools and templates are written by seasoned information security professionals and have been battle-tested in over 10,000 organizations from over 60 different countries.
Regular Information Security Control Updates
The Common Control Library (CCL) is updated in response the latest technologies, threats, and regulatory changes. New technologies such as mobile devices, VOIP, portable storage (USB) and social media all create new threats to confidential information. Our security experts monitor the latest trends and update our library of controls and integrated information security policy and data privacy policies.
Streamlined Cyber Security Validation
The Common Control Library is the key to the Information Shield Cyber Certification – a streamlined external program assessment and validation. Unlike other cyber security validation schemes, the Information Shield Cyber Certification can be easily shared and validated across multiple organizations with minimal effort. Integration with our ComplianceShield platform enables organizations to define, deliver, demonstrate and validate their cyber security program at a fraction of the time and cost of a traditional SOC II or ISO 27001 certification.
Try it free today!
Our software, security policies, tools and templates are written by seasoned information security professionals and have been battle-tested in over 10,000 organizations from over 60 different countries.Request a Free Trial