Ask: Does anyone have a mapping or cross walk from FFIEC to COBIT 5? If there is a mapping that also includes PCI 3.2 and ITIL that would be awesome as well.
Background: I am looking to implement a control framework based on COBIT 5, but need coverages for FFIEC (GLBA too, but I believe ffiec will cover this), and PCI 3.2, with guidance from ITIL for delivery and ops functions, as needed.
I have looked everywhere and have not found many useful mappings or crosswalks for ffiec to date. In the past I have used NIST/ 800-53 as my primary control framework, with additional guidance from COBIT 4.1, ISO, SANS, and ITIL, as needed, and it worked perfectly. At my new place of business FFIEC seems to be the most desired followed by COBIT, but from my reading I find FFIEC t oo generic and lacking details, so I would like to use COBIT 5 as the primary control framework with coverages for the above, as needed.
Thanks in advance!
You must sign in to rate content.