Great work @James Kavanagh. I've undertaken a similar exercise, compiling the recommended practices or controls from some of the frameworks you mentioned (plus some others) and grouping them under 7 domains: Strategy, Governance, Procurement, People, Compliance, Data and AI development. I found it helpful to tag each control by lifecycle…
Great work @James Kavanagh. I've undertaken a similar exercise, compiling the recommended practices or controls from some of the frameworks you mentioned (plus some others) and grouping them under 7 domains: Strategy, Governance, Procurement, People, Compliance, Data and AI development. I found it helpful to tag each control by lifecycle phase and potential functional owner also. It was largely manual work, conducted by reading through the source documents and making some judgement calls much as you described....but worth it, to come up with some universal controls that respond to several standards.
Great work @James Kavanagh. I've undertaken a similar exercise, compiling the recommended practices or controls from some of the frameworks you mentioned (plus some others) and grouping them under 7 domains: Strategy, Governance, Procurement, People, Compliance, Data and AI development. I found it helpful to tag each control by lifecycle phase and potential functional owner also. It was largely manual work, conducted by reading through the source documents and making some judgement calls much as you described....but worth it, to come up with some universal controls that respond to several standards.