- Quick Start vs Framework Only Import
- Selecting a framework
- Overview screen
- Objective screen
- Filling out objectives
- Direct management
- Managing through controls
- Next Steps
- Manual mapping with frameworks
- Centralized mappings with internal controls
Quick Start vs Framework Import?
Oftentimes using ControlMap's Quick Start feature to launch either SOC 2 or ISO 27001 with pre-mapped policies and evidence makes sense especially if it is your first time launching either of those specific frameworks. However, what if you want to start with a different framework or manually map policies and evidence based on prior work elsewhere? In the linked article, we review how to use Quick Start, and how to take advantage of its automations and in this article we review the alternative. That is to launch a framework and it's controls only without QuickStart.
Importing a Framework and it's controls only makes sense if you've already developed a comprehensive set of controls that work for your organization, or if you need to start with an industry-specific framework like HIPPA, then a manual setup may be the correct choice for you.
Selecting a framework
Navigate to "My Frameworks" on the left navigation bar. Then click the purple "New Framework" button.
Here you see a list of frameworks. The Quick Start frameworks are listed at the top, while the remaining frameworks are listed under "All Frameworks". Select the framework you would like to start with.
Importing
Once you have clicked on a framework, you will be asked to Start Content Import. Click "Start Import" and the import will begin.
After the import is completed, you will see a list of framework requirements. You can drill down into these objectives to see the mapping options you have available to you.
Next Steps
From here, you have many options for managing your compliance framework. You can manually map policies and evidence to each requirement, or you can use internal controls to centralize and mesh together the mappings.