MapID (PK) | FrameworkID_FK | ParameterID_FK | ParameterValue | Applicability_Reason
---|---|---|---|---
M01 | F05 | P01 | Healthcare | HIPAA is legally mandated for organizations in the U.S. healthcare industry.
M02 | F05 | P02 | USA | HIPAA is a United States federal law.
M03 | F05 | P04 | PHI (Protected Health Information) | The core purpose of HIPAA is to protect PHI.
M04 | F06 | P02 | European Union | GDPR applies to any company processing the data of EU citizens.
M05 | F06 | P04 | PII (Personally Identifiable Information) | GDPR's scope is focused on the protection of personal data (PII).
M06 | F07 | P04 | Credit Card Data | PCI DSS is required for any entity that processes payment card data.
M07 | F02 | P05 | IT Department | COBIT is the leading framework for auditing the governance and management of an IT function.
M08 | F01 | P05 | Finance Department | COSO is the standard for evaluating internal controls over financial reporting.

ParameterID (PK) | ParameterName | ParameterCategory | Description
---|---|---|---
P01 | Industry | Organizational Profile | The vertical market or sector the company operates in.
P02 | Jurisdiction | Organizational Profile | The legal/geographical region of operation or customer base.
P03 | CompanyType | Organizational Profile | The legal and financial structure (e.g., Public, Private).
P04 | DataHandled | Compliance & Risk | The specific types of sensitive data being processed.
P05 | AuditDepartment | Audit Scope | The internal department or function being audited.

FrameworkID (PK) | FrameworkName | FullName | IssuingBody | Category | Description
---|---|---|---|---|---
F01 | COSO IC | Internal Control - Integrated Framework | Committee of Sponsoring Organizations of the Treadway Commission | Internal Control | Provides a model for establishing, managing, and evaluating control over operations, reporting, and compliance.
F02 | COBIT | Control Objectives for Information and Related Technologies | ISACA | IT Governance | A framework for the governance and management of enterprise IT.
F03 | NIST CSF | Cybersecurity Framework | National Institute of Standards and Technology | Cybersecurity | Provides a high-level, strategic view of an organization's management of cybersecurity risk.
F04 | ISO 27001 | ISO/IEC 27001 | International Organization for Standardization | Information Security | Specifies the requirements for establishing, implementing, maintaining, and continually improving an ISMS.
F05 | HIPAA | Health Insurance Portability and Accountability Act | U.S. Dept. of Health & Human Services | Regulatory | U.S. federal law requiring the protectio |