Confirm Key Elements of CCC Control Catalog

[mlysaght2017]

Feature Request

Description of Problem:

The CCC Security WG has not yet confirmed the set of key elements of the CCC Control Catalog. Examples of key elements are the following:

Control Families: Controls are grouped into families based on their function or area of focus, such as access control, incident response, and risk assessment.

Control Descriptions: Each control is described in detail, including its purpose, scope, and implementation guidelines.

Control Objectives: These define the desired outcome or goal of implementing a particular control.

Implementation Guidance: Practical advice and steps on how to effectively implement the control within an organisation's environment.

Compliance Mapping: Links controls to relevant standards, regulations, and frameworks, such as NIST, ISO, GDPR, or HIPAA, to ensure compliance requirements are met.

Assessment Procedures: Methods and criteria for evaluating the effectiveness of implemented controls.

When tasked with contributing to the CCC Control Catalog, I want to know the key elements and format of the CCC Control Catalog, so I can successfully add controls to the Catalog.

Potential Solutions:

Proposed elements and .md format for CCC Control Catalog in PR: #153
Comments need to be addressed and then merge to main