Mapping Matrix

View and edit the mapping between controls and compliance standards

ANTT ANTT - Regulation
CIS CIS Controls v8
COBIT COBIT 2019
CSA-CCM CSA Cloud Controls Matrix v4
GARTNER-MM Gartner IGA Maturity Model
GARTNER-PG Gartner IGA Program Guidance
IBGC IBGC 6th Edition
IDPRO IDPro Body of Knowledge
ISF ISF SGP 2024
ISO27001 ISO 27001:2022
ISO27035 ISO/IEC 27035
ITIL4 ITIL 4 / ITSM
LGPD LGPD/GDPR
MS-AD Microsoft AD/M365 Best Practices
NIST NIST CSF 2.0
NIST-53 NIST SP 800-53
NIST-63 NIST SP 800-63
PSI PSI-CORP-001
25 controls × 7 standards, 202 mappings
Qriar IAM Security Framework
| Control | Domain | CIS (CIS Controls v8) | IBGC (IBGC 6th Edition) | ISF (ISF SGP 2024) | ISO27001 (ISO 27001:2022) | LGPD (LGPD/GDPR) | NIST (NIST CSF 2.0) | PSI (PSI-CORP-001) |
|---|---|---|---|---|---|---|---|---|
| AUTH-001 Enforce Phishing-resistant MFA (FIDO2/CBA) for all... | Authentication | 6.4 | Cap. 5.4 | PA.2.2 | A.5.17, A.8.5 | Art. 46 | PR.AA-03 | 5.1 |
| AUTH-002 Enforce MFA for all users with Number Matching to ... | Authentication | 6.3 | Cap. 5.4 | UM.2.2 | A.8.5 | Art. 46 | PR.AA-03 | 5.1 |
| AUTH-003 Configure Smart Lockout: block the threat actor (I... | Authentication | 6.2 | Cap. 5.4 | UM.2.1 | A.8.5, A.8.3 | Art. 46 | PR.AA-01, PR.AA-04 | - |
| AUTH-004 Real-time checking of banned passwords against glo... | Authentication | 5.2 | Cap. 5.4 | UM.2.1 | A.5.17 | Art. 6 | PR.AA-01 | 5.2 |
| AUTH-005 Block interactive login and rotate Service Account... | Authentication | 4.7, 6.6 | Cap. 5.4, Cap. 5.5 | TS.1.3 | A.5.16, A.8.2 | Art. 32 | PR.AA-02 | 5.3 |
| AUTH-006 Enforce re-authentication for critical actions (e.... | Authentication | 16.11 | Cap. 5.4 | UM.2.3 | A.8.5 | Art. 37 | PR.AA-04 | - |
| AUTH-007 Disable legacy protocols (Basic Auth: POP3, IMAP, ... | Authentication | 4.8 | Cap. 5.4 | TS.2.1 | A.8.5, A.5.15 | Art. 46 | PR.AA-05 | - |
| JML-001 Automate 'Birthright' provisioning via HR, creatin... | Identity Lifecycle (JML) | 5.1, 6.1 | Cap. 5.5, Cap. 6.1 | IM.2.1 | A.5.16, A.5.18 | Art. 6 | PR.AA-01, PR.AA-05 | 4.3 |
| JML-002 Review trigger on transfers: a change of role in H... | Identity Lifecycle (JML) | 6.5 | Cap. 1.6, Cap. 5.5 | IM.2.2 | A.5.18, A.8.4 | Art. 46 | PR.AA-05 | 4.1 |
| JML-003 Automate exit 'Kill Switch': Blocking and revocati... | Identity Lifecycle (JML) | 6.5 | Cap. 6.1, Cap. 6.3.2 | IM.2.3 | A.5.16, A.8.5 | Art. 50 | PR.AA-01 | 4.2 |
| JML-004 Quarterly Access Certification campaigns with auto... | Identity Lifecycle (JML) | 6.8 | Cap. 5.5, Cap. 1.6 | IM.3.1 | A.5.18 | Art. 5 | PR.AA-01 | 4.3 |
| JML-005 Detection of orphan accounts (Reconciliation): Com... | Identity Lifecycle (JML) | 5.3 | Cap. 5.5, Cap. 6.3.2 | IM.3.2 | A.5.16 | Art. 37 | ID.AM-01 | - |
| JML-006 Strict expiration (TTL) for guest (B2B) accounts, ... | Identity Lifecycle (JML) | 6.7 | Cap. 5.5 | IM.2.4 | A.5.19, A.5.21 | Art. 39 | ID.RA-03 | - |
| MON-001 Centralize Audit/Sign-in Logs in a SIEM. Retention... | Monitoring (MON) | 8.2, 8.10 | Princ. 2, Cap. 5.6 | SM.1.1 | A.8.15, A.5.33 | Art. 37 | DE.AE-02 | 7.1 |
| MON-002 Automatic blocking based on Risk (User/Sign-in Ris... | Monitoring (MON) | 5.2 | Cap. 5.4, Cap. 5.6 | SM.2.2 | A.8.16, A.8.5 | Art. 46 | DE.AE-06 | - |
| MON-003 Alert on unverified illicit or high-privilege OAut... | Monitoring (MON) | 13.6 | Cap. 5.6, Cap. 6.3.2 | BA.2.2 | A.8.23, A.5.23 | Art. 6 | DE.CM-06 | 7.2 |
| MON-004 P1 alerts for changes to Tier 0 groups (Global/Dom... | Monitoring (MON) | 5.4 | Cap. 5.6 | SM.2.1 | A.8.2, A.6.8 | Art. 33 | DE.AE-04 | 6.3 |
| MON-005 Monitor anomalies in Service Principals (read volu... | Monitoring (MON) | 6.6 | Cap. 5.6 | SM.2.3 | A.8.16, A.5.2 | Art. 46 | DE.AE-07 | 5.3 |
| MON-006 User feedback ('Not me') in MFA generates an immed... | Monitoring (MON) | 14.2 | Cap. 5.6, Cap. 6.1 | SM.3.1 | A.6.3, A.6.8 | Art. 48 | DE.DP-04 | - |
| PAM-001 Eliminate permanent privileges (Zero Standing Priv... | Privileged Access (PAM) | 5.4 | Princ. 4, Cap. 5.4 | PA.1.2 | A.8.2, A.5.18 | Art. 46 | PR.AA-05 | 6.2 |
| PAM-002 Separate accounts: adm-user (no email/web) for man... | Privileged Access (PAM) | 5.4 | Cap. 1.6, Cap. 5.5 | PA.1.1 | A.8.2 | Art. 46 | PR.AA-05 | 6.1 |
| PAM-003 Remove local administrator account and use LAPS fo... | Privileged Access (PAM) | 5.5 | Cap. 5.5 | PA.2.1 | A.8.1, A.8.2 | Art. 32 | PR.AA-01 | - |
| PAM-004 Implement a Tiered Model (Tiering/Red Forest): Tie... | Privileged Access (PAM) | 5.4 | Cap. 1.6, Cap. 5.5 | PA.2.3 | A.8.12, A.5.15 | Art. 46 | PR.AC-03 | - |
| PAM-005 2 monitored Emergency (Break Glass) accounts, clou... | Privileged Access (PAM) | 4.3 | Cap. 5.4 | PA.1.4 | A.5.2, A.8.2 | Art. 48 | ID.RA-03 | 6.3 |
| PAM-006 Require dedicated Privileged Access Workstations (... | Privileged Access (PAM) | 4.2 | Cap. 5.5 | PA.2.4 | A.8.1, A.8.11 | Art. 32 | PR.AA-02 | - |