Its primary purpose is to serve as a centralized library of reference (baseline) controls and documents that define what should exist in an organization from a governance and compliance standpoint. This is a reference layer, not an assessment.
¶ Add Reference Control
To add a new reference control click the icon in the top-right corner of the page.
Complete the сontrol definition fields.
Field descriptions:
Name (required) - enter the name of the reference control.
Description - add additional details if needed.
Reference ID - add an internal identifier.
Category - select the type of control (Process, Technical, Organizational, Policy, Documentation).
CSF Function - map the reference control to a NIST CSF 2.0 Function.
Annotation - optional field for internal notes or implementation guidance.
Provider - enter the source of the control definition.
Domain (required) - defines the applicability scope of the control.
Click Save to add the reference control to the library. Click Cancel to discard changes.