| Asset Inventory & ManagementInventory physical systems, platforms, software assets, and logical boundaries. | ID.AM-01 | A.5.9 | CC6.1 (Asset Tracking) | Level 1: Initial (Ad-hoc) |
| Identity & Access ControlManage credentials, enforce MFA, separate administrative privileges, and audit user access. | PR.AC-01 | A.5.15 / A.8.20 | CC6.2 / CC6.3 (Access Rules) | Level 1: Initial (Ad-hoc) |
| Incident Response PlanningDefine, execute, and tabletop-test cyber incident response plans and communication protocols. | RS.RP-01 | A.16.1 | CC7.3 / CC7.4 (Incident Actions) | Level 1: Initial (Ad-hoc) |
| Disaster Recovery & ContinuityConfigure immutable backups, define recovery timelines (RTO/RPO), and failure redundancy. | RC.RP-01 | A.17.1 | CC7.3 (Resilience Policies) | Level 1: Initial (Ad-hoc) |
| Vulnerability & Patch MgmtScan system surfaces, monitor CVE vulnerability feeds, and deploy software patches. | PR.IP-12 | A.12.6 / A.8.7 | CC7.1 (Vulnerability Tests) | Level 1: Initial (Ad-hoc) |
| Continuous Audit & MonitoringAggregate security events in central SIEM logs, check configurations, and trigger alerts. | DE.CM-01 | A.8.20 / A.8.24 | CC7.2 (Security Monitoring) | Level 1: Initial (Ad-hoc) |