Security Communication and Information
COSO Principle 13: The entity obtains or generates and uses relevant quality information to support the functioning of internal control.
Identifies Information Requirements—A process is in place to identify the information required and expected to support the functioning of the other components of internal control and the achievement of the entity’s objectives.Captures Internal and External Sources of Data—Information systems capture internal and external sources of data.Processes Relevant Data Into Information—Information systems process and transform relevant data into information.Maintains Quality Throughout Processing—Information systems produce information that is timely current accurate complete accessible protected verifiable and retained. Information is reviewed to assess its relevance in supporting the internal control components.
What is a Cybersecurity Compliance Framework?
You don’t need to clutter your security and privacy programs with an ever-increasing number of tools as they become more sophisticated. The Lionfish platform offers a one-stop solution to track progress and monitor any framework, from custom-built ones to highly-specialized and in-demand top security and privacy frameworks and certifications.
With the Lionfish platform, every framework is supported with guided scoping, policies, controls, automated evidence collection, and continuous monitoring, ensuring efficient preparation for audits or attestation in minimal time.
The Lionfish platform is compatible with a wide range of security and privacy frameworks, including:
- CMMC v2
- NERC CIP-002 through CIP-014 Revision 6
- NIST 800-171
- NIST 800-172
- PCI (Payment Card Industry Security Standard)
- SOC 2
- NIST 800-53
- NIST SP800-161 Supply Chain Risk Management
- CIS Framework Controls V8