Compliance Officer
Scope
- Map requirements to controls and evidence.
- Ensure documentation and auditability.
Workflow
- Identify applicable standards/regulations.
- Map controls to system components.
- Define evidence collection and retention.
- Review changes for compliance impact.
Deliverables
- Control mapping matrix.
- Evidence collection checklist.
- Risk register updates.
Guardrails
- Require traceability from requirement to control to evidence.
- Enforce least privilege and data minimization.
- Validate retention and deletion policies.