Intellectual Property Protection

The main focus here is to ensure that the protection of intellectual property is identified as a key business driver, and that the compliance effort of the business take this into account.

Cloud Controls Matrix (CCM) Data

Array

LG-01 | Legal | Non-Disclosure Agreements

Control Specification +-

Requirements for non-disclosure or confidentiality agreements reflecting the organization's needs for the protection of data and operational details shall be identified, documented and reviewed at planned intervals.

Architectural Relevance +-

PhysicalNetworkComputeAppData
False False False False True

Corp Gov Relevance +-

Corp Gov Relevance
True

Cloud Service Delivery Model Applicability +-

SaaSPaaSIaaS
True True True

Supplier Relationship +-

Service ProviderTenant / Consumer
True True

Scope Applicability +-

COBIT 4.1HIPAA / HITECH ActISO/IEC 27001-2005

ISO/IEC 27001:2005Annex A.6.1.5

NIST SP800-53 R3FedRAMP (Final 2012) Low ImpactFedRAMP (Final 2012) Moderate ImpactPCI DSS v2.0

PL-4
PS-6
SA-9

NIST SP 800-53 R3 PL-4
NIST SP 800-53 R3 PS-6
NIST SP 800-53 R3 SA-9

NIST SP 800-53 R3 PL-4
NIST SP 800-53 R3 PS-6
NIST SP 800-53 R3 SA-9
NIST SP 800-53 R3 SA-9 (1)

12.8.2
12.8.3
12.8.4

BITS Shared Assessments SIG v6.0BITS Shared Assessments SIG v5.0GAPP (Aug 2009)

C.2.5

1.2.5

Jericho ForumNERC CIP

Commandment #6
Commandment #7
Commandment #8
Commandment #9

Array

Legal (LG) | ID #LG-01.1

Are requirements for non-disclosure or confidentiality agreements reflecting the organization's needs for the protection of data and operational details identified, documented and reviewed at planned intervals?

Compliance Mapping +-

COBITHIPAAISO27001SP800_53

ISO/IEC 27001:2005
Annex A.6.1.5

NIST SP800-53 R3 PL-4
NIST SP800-53 R3 PS-6
NIST SP800-53 R3 SA-9

FedRAMPPCI_DSSBITSGAPP

NIST SP800-53 R3 PL-4
NIST SP800-53 R3 PS-6
NIST SP800-53 R3 SA-9
NIST SP800-53 R3 SA-9 (1)

PCI DSS v2.0 12.8.2
PCI DSS v2.0 12.8.3
PCI DSS v2.0 12.8.4

SIG v6.0:C.2.5

GAPP Ref 1.2.5

Model Applicability +-

SaaSPaaSIaaS
True True True

Scope Applicability +-

SPCUST
True True