Map common control themes across frameworks.
Framework Mapping
Cybersecurity Framework Mapping
A mapping exercise connecting control requirements across ISO 27001, NIST CSF, and CIS Controls.
- Organization
- Cybersecurity Internship Portfolio
- Duration
- 2 weeks
- Project Type
- Framework Mapping
Business Context
Why the work mattered
Organizations often use multiple frameworks for different audiences. This project created a crosswalk to reduce duplication and help stakeholders understand overlapping control expectations.
Objectives
Engagement goals
Identify overlaps and gaps.
Document practical evidence examples.
Support future compliance planning.
Methodology
Structured process
The methodology explains how the work moved from context gathering to documented recommendations.
Step 1
Control Theme Grouping
Make framework comparison easier to manage.
Grouped requirements by governance, access, incident response, awareness, and continuity themes.
Step 2
Crosswalk
Identify aligned requirements and unique expectations.
Mapped framework references and noted where evidence could satisfy multiple expectations.
Step 3
Evidence Examples
Translate framework language into practical artifacts.
Documented examples such as policies, logs, risk registers, reviews, and training records.
Deliverables
Artifacts produced
Framework Crosswalk
Mapping table connecting control themes across common cybersecurity frameworks.
Reduces duplicated effort and improves audit preparation.
Skills Demonstrated
Professional competencies
Outcomes
Project impact
- Framework similarities and differences became easier to communicate.
- Evidence planning improved through reusable control themes.
Lessons Learned
Professional growth
Related Projects
Continue exploring

Governance
Governance Policy Development
A structured policy development engagement aligning security expectations with business objectives and recognized frameworks.

Internal Audit
Internal Cybersecurity Audit
An internal assessment that reviewed security controls, documented gaps, and produced a prioritized remediation roadmap.

Risk Management
Enterprise Risk Assessment
A risk assessment project documenting assets, threats, likelihood, impact, and treatment options for management review.
Discuss GRC opportunities
Contact Osen after reviewing this project or download the resume for a concise overview.