Class: Safeguard
A specific, measurable action that an enterprise should take to implement a CIS Control. Formerly called "Sub-Controls" prior to CIS Controls v8.
classDiagram
class Safeguard
click Safeguard href "../Safeguard/"
Safeguard : asset_type
Safeguard --> "1" AssetType : asset_type
click AssetType href "../AssetType/"
Safeguard : description
Safeguard : id
Safeguard : implementation_groups
Safeguard --> "1..*" ImplementationGroup : implementation_groups
click ImplementationGroup href "../ImplementationGroup/"
Safeguard : safeguard_number
Safeguard : security_function
Safeguard --> "1" SecurityFunction : security_function
click SecurityFunction href "../SecurityFunction/"
Safeguard : title
Slots
| Name | Cardinality and Range | Description | Inheritance |
|---|---|---|---|
| id | 1 String |
Composite identifier for the safeguard (e | direct |
| title | 1 String |
Human-readable title of the element | direct |
| safeguard_number | 1 SafeguardId |
Dotted identifier of this Safeguard (e | direct |
| description | 0..1 String |
Descriptive text for the element | direct |
| asset_type | 1 AssetType |
The class of enterprise asset primarily addressed by this Safeguard | direct |
| security_function | 1 SecurityFunction |
NIST CSF 2 | direct |
| implementation_groups | 1..* ImplementationGroup |
Implementation Group(s) for which this Safeguard is applicable | direct |
Usages
| used by | used in | type | used |
|---|---|---|---|
| CISControl | safeguards | range | Safeguard |
In Subsets
Aliases
- sub-control
See Also
Identifier and Mapping Information
Valid ID Prefixes
Instances of this class should have identifiers with one of the following prefixes:
- cis_controls
Schema Source
- from schema: https://w3id.org/lmodel/cis-controls
Mappings
| Mapping Type | Mapped Value |
|---|---|
| self | cis_controls:Safeguard |
| native | cis_controls:Safeguard |
| exact | schema:Action |
| related | iso27001:SecurityControl |
| close | nist_csf_v2:CSFSubcategory |
LinkML Source
Direct
name: Safeguard
id_prefixes:
- cis_controls
description: A specific, measurable action that an enterprise should take to implement
a CIS Control. Formerly called "Sub-Controls" prior to CIS Controls v8.
in_subset:
- essential_cyber_hygiene
- ig2_controls
- ig3_controls
from_schema: https://w3id.org/lmodel/cis-controls
see_also:
- https://www.cisecurity.org/controls/
aliases:
- sub-control
exact_mappings:
- schema:Action
close_mappings:
- nist_csf_v2:CSFSubcategory
related_mappings:
- iso27001:SecurityControl
slots:
- id
- title
- safeguard_number
- description
- asset_type
- security_function
- implementation_groups
slot_usage:
id:
name: id
description: Composite identifier for the safeguard (e.g. "CIS-1.1").
pattern: ^CIS-([1-9]|1[0-8])\.[0-9]+$
implementation_groups:
name: implementation_groups
description: Implementation Group(s) for which this Safeguard is applicable. A
Safeguard listed under IG2 is also required for IG3 enterprises; a Safeguard
listed under IG1 is required for all enterprises.
Induced
name: Safeguard
id_prefixes:
- cis_controls
description: A specific, measurable action that an enterprise should take to implement
a CIS Control. Formerly called "Sub-Controls" prior to CIS Controls v8.
in_subset:
- essential_cyber_hygiene
- ig2_controls
- ig3_controls
from_schema: https://w3id.org/lmodel/cis-controls
see_also:
- https://www.cisecurity.org/controls/
aliases:
- sub-control
exact_mappings:
- schema:Action
close_mappings:
- nist_csf_v2:CSFSubcategory
related_mappings:
- iso27001:SecurityControl
slot_usage:
id:
name: id
description: Composite identifier for the safeguard (e.g. "CIS-1.1").
pattern: ^CIS-([1-9]|1[0-8])\.[0-9]+$
implementation_groups:
name: implementation_groups
description: Implementation Group(s) for which this Safeguard is applicable. A
Safeguard listed under IG2 is also required for IG3 enterprises; a Safeguard
listed under IG1 is required for all enterprises.
attributes:
id:
name: id
description: Composite identifier for the safeguard (e.g. "CIS-1.1").
from_schema: https://w3id.org/lmodel/cis-controls
exact_mappings:
- nist_csf_v2:id
rank: 1000
slot_uri: dct:identifier
identifier: true
alias: id
owner: Safeguard
domain_of:
- CISControlsDocument
- CISControl
- Safeguard
range: string
required: true
pattern: ^CIS-([1-9]|1[0-8])\.[0-9]+$
title:
name: title
description: Human-readable title of the element.
from_schema: https://w3id.org/lmodel/cis-controls
exact_mappings:
- nist_csf_v2:title
rank: 1000
slot_uri: dct:title
alias: title
owner: Safeguard
domain_of:
- CISControlsDocument
- CISControl
- Safeguard
range: string
required: true
safeguard_number:
name: safeguard_number
description: Dotted identifier of this Safeguard (e.g. "1.1"). Combines the parent
control number with a sequential Safeguard index.
from_schema: https://w3id.org/lmodel/cis-controls
rank: 1000
alias: safeguard_number
owner: Safeguard
domain_of:
- Safeguard
range: SafeguardId
required: true
description:
name: description
description: Descriptive text for the element.
from_schema: https://w3id.org/lmodel/cis-controls
close_mappings:
- nist_csf_v2:prose
rank: 1000
slot_uri: dct:description
alias: description
owner: Safeguard
domain_of:
- CISControlsDocument
- Safeguard
range: string
asset_type:
name: asset_type
description: The class of enterprise asset primarily addressed by this Safeguard.
from_schema: https://w3id.org/lmodel/cis-controls
rank: 1000
alias: asset_type
owner: Safeguard
domain_of:
- Safeguard
range: AssetType
required: true
security_function:
name: security_function
description: NIST CSF 2.0 function category to which this Safeguard is mapped.
from_schema: https://w3id.org/lmodel/cis-controls
close_mappings:
- nist_csf_v2:groups
rank: 1000
alias: security_function
owner: Safeguard
domain_of:
- Safeguard
range: SecurityFunction
required: true
implementation_groups:
name: implementation_groups
description: Implementation Group(s) for which this Safeguard is applicable. A
Safeguard listed under IG2 is also required for IG3 enterprises; a Safeguard
listed under IG1 is required for all enterprises.
from_schema: https://w3id.org/lmodel/cis-controls
related_mappings:
- nist_csf_v2:props
rank: 1000
alias: implementation_groups
owner: Safeguard
domain_of:
- Safeguard
range: ImplementationGroup
required: true
multivalued: true