What is Compliance Mapping?
- Vicki McEwen
Owned by Vicki McEwen
Compliance Mapping is the process of finding commonality between multiple laws, policies, rules, regulations, best practices etc., also known as Authority Documents, and mandates through harmonization. Compliance Mapping aims to identify when mandates across Authority Documents or within the same Authority Document are saying the same thing using different language vs. entirely separate things. This process involves extracting citations, tagging mandates, matching mandates to common controls, and calling out audit items.
The UC Compliance Mapping process consists of:
- cataloging the Authority Document in question,
- extracting its pertinent Citations and Mandates,
- tagging the terms in those Mandates,
- selecting each tagged term's in-context definition,
- mapping that tagged Mandate to a Common Control, and
- matching the Common Control to corresponding Audit Questions.