CAF Outcome B3.d: Mobile Data

From the UK NCSC's Cyber Assessment Framework (version 3.1):

You have protected data important to the operation of the essential function on mobile devices.

Cyber Threat Graph Context

Explore how this control relates to the wider threat graph

NCSC CAF Mapped to NIST CSF

B3.d: Mobile Data to CSF mappings generated from UK Cabinet Office table.

Control ID Description
ID.AM-4 External information systems are catalogued
PR.IP-6 Data is destroyed according to policy
PR.DS-3 Assets are formally managed throughout removal, transfers, and disposition
DE.CM-5 Unauthorized mobile code is detected
PR.PT-2 Removable media is protected and its use restricted according to policy

Related ISO 27001 Controls

Clauses and controls from ISO 27001 (2013) which are related to this CAF outcome, taken from mappings by Ofgem.

  • Physical media transfer (8.3.3)
    ISO 27001:2013

Related SP800-53 Controls

Generated from NISTs SP800-53/CSF Crosswalk mappings.

Node
SA-9: External System Services
AC-20: Use of External Systems
MP-6: Media Sanitization
CM-8: System Component Inventory
PE-16: Delivery and Removal
SC-18: Mobile Code
SI-4: System Monitoring
SC-44: Detonation Chambers
MP-5: Media Transport
MP-4: Media Storage
MP-3: Media Marking
MP-8: Media Downgrading
MP-2: Media Access
MP-7: Media Use