CC5.3
Deploys policies and procedures
SecurityImplementedSecurity (Common Criteria)
Control description
AICPA Trust Services Criteria
The entity deploys control activities through policies that establish what is expected and procedures that put policies into action.
Auditor test plan
How this is tested during the audit
Auditor reviews the policy library version history and a sample of annual attestations.
Evidence
No evidence on file yet
No evidence attached
Upload at least one artifact before the audit window opens.
Last reviewed
36d
Within 180-day window
Evidence on file
3
Owner
DS
Director, Security
Accountable for design + operating effectiveness
Status timeline
Recent control history
Last reviewed by Director, Security
36d ago
Status set to implemented
66d ago
Initial control design approved
126d ago