Common Control Library (CCL)
A Comprehensive Set of Reference Cyber Controls
Comply with multiple information security and data privacy frameworks with a single set of comprehensive information security controls and supporting policies. Information Shield’s CCL enables compliance with ISO 27002, PCI-DSS, HIPAA/HiTECH, NIST, US-CSF or any other framework using a single set of controls.
Why a “common” approach to security policy?
Many organizations struggle to rationalize the complex requirements of various compliance frameworks such as ISO 27002, PCI-DSS, HIPAA/HiTECH, and NIST. In truth, however, most of these frameworks prescribe a common set of information security controls that would apply to any business. We have taken these requirements and distilled them into a single outline that can be adopted easily. The CPL framework is backed by pre-written information security policies covering every topic.
Demonstrating Cyber Due-Care
Many cyber security regulations require that an organization adopt a cyber security program that “adequately protects information from disclosure”. These vague regulatory statements translate into a real-world problem: the organization must define and document a cyber security program that meets some level of “due care” relative to its industry. The Common Control Library can be adopted quickly by any organization to build a defensible cyber security program.
Comprehensive Information Security and Data Privacy Coverage
The Common Control Library (CCL) covers over 183 different security topics. The CPL is organized in 16 different domains covering essential security topics including:
2. Security Policies and Procedures
3. Information Security Program
4. Asset Management
5. Information Management
6. Personnel Security Management
7. Third Party Security
8. Access Control Security
10. Physical Security Management
11. Operations Security
12. Application Development
13. Incident Response Management
14. IT Business Continuity
15. Security Compliance and Audit
16. Employee & Customer Privacy
The Common Policy Library (CPL) is updated in response to the latest technologies, threats, and regulatory changes. New technologies such as mobile devices, VOIP, portable storage (USB) and social media all create new threats to confidential information. Our security experts monitor the latest trends and update our library of information security and data privacy policies.
Automating Security Program Compliance
Enable compliance with information security and data privacy policies using Compliance Shield. Compliance Shield’s library of information security policies is based on Information Security Policies Made Easy, by Charles Cresson Wood. Our policies, tools and templates are written by seasoned information security professionals and have been battle-tested in over 10,000 organizations from over 60 different countries.