In the Compliance Analysis only one liability could be selected under compliance drivers. Is this wanted?
I’m using this field to add the liabilities from laws / regulations to e.g. ISO27k or the NIST CSF (which are not mandatory for us but are used as a reference). Now with the data protection regulations we have some ISO 27k controls which are required by data protection law and the banking regulations:
