Requirements & Regulations

Governance Mapping: Define the legislative and framework-level source of truth for all compliance operations.

AI Actions:

ID	Title	Source	Status	AI Coverage	Linked Risks
REQ-CM-01	ISO 27001 A.12.1.2 - Change Management	ISO 27001	active	100%	2
REQ-CM-02	SOC 2 CC8.1 - Authorization of Changes	SOC 2	active	100%	1
REQ-CM-03	NIST PR.IP-3 - Configuration Change Control	NIST CSF	active	100%	1
REQ-PRIV-01	GDPR Art 17 - Right to Erasure	GDPR	active	100%	1
REQ-PRIV-02	CCPA 1798.105 - Deletion Rights	CCPA	active	100%	1
REQ-PRIV-03	ISO 27001 A.18.1.4 - Privacy	ISO 27001	active	100%	1
REQ-ACC-01	SOC 2 CC6.1 - Logical Access Security	SOC 2	active	100%	2
REQ-ACC-02	ISO 27001 A.9.2.1 - User Registration	ISO 27001	active	100%	1
REQ-ACC-03	NIST PR.AC-6 - Least Privilege	NIST CSF	active	100%	1
REQ-PHYS-01	ISO 27001 A.11.1.1 - Physical Perimeter	ISO 27001	active	100%	1
REQ-PHYS-02	SOC 2 CC6.4 - Physical Access	SOC 2	active	100%	1
REQ-VEND-01	ISO 27001 A.15.1.1 - Supplier Policy	ISO 27001	active	100%	1
REQ-VEND-02	SOC 2 CC9.2 - Vendor Risk	SOC 2	active	100%	1
REQ-AST-01	ISO 27001 A.8.1.1 - Inventory of Assets	ISO 27001	draft	Analyzed	1
REQ-INC-01	ISO 27001 A.16.1.2 - Reporting Events	ISO 27001	active	100%	1