How does GoalsMapper monitor compliance and security?
GoalsMapper uses Datadog Cloud Security Management to continuously monitor our cloud environment for compliance against internationally recognized frameworks. Datadog’s compliance engine scans our infrastructure, detects misconfigurations, and provides real-time posture scoring.
Which compliance frameworks does GoalsMapper currently track?
We actively monitor against multiple industry-standard frameworks, including:
-
Essential Cloud Security Controls
-
PCI DSS (v4.0)
-
SOC 2 (v2)
-
ISO/IEC 27001 (2022)
-
AWS Foundational Security Best Practices
-
CIS – AWS (v5.0.0)
-
NIST Cybersecurity Framework (v1.1)
-
GDPR
-
HIPAA
These frameworks cover a wide range of security areas, from data protection and cryptography to operational resilience and access control.
Does GoalsMapper monitor compliance with MAS TRM Guidelines?
Yes. While Datadog does not provide a predefined MAS Technology Risk Management (TRM) compliance framework, GoalsMapper’s security and operational practices are aligned with MAS TRM requirements.
We achieve this by:
-
Implementing security controls and processes that address the key domains of MAS TRM, including governance, technology risk management, access controls, incident response, and business continuity.
-
Using Datadog to continuously monitor our environment against globally recognized frameworks such as ISO/IEC 27001, SOC 2, NIST CSF, and CIS Benchmarks, which overlap significantly with MAS TRM’s requirements.
-
Maintaining internal audits and risk assessments to verify that our controls meet both international standards and MAS TRM guidelines.
This combined approach ensures that our operations remain TRM-compliant, even though MAS TRM does not appear as a native framework in Datadog’s compliance dashboard.