Compliance Justification Document (Yahoo MDL (2018))¶
Purpose¶
This mapping document shows how implemented controls satisfy obligations and expectations implicated by Compliance Justification Document (Yahoo MDL (2018)). It is structured for audit and legal review, so each requirement is tied to implementation rationale, ownership, and verifiable artifacts rather than policy statements alone.
Control-to-requirement mapping (illustrative)¶
| Control domain | Source / obligation | Example evidence |
|---|---|---|
| Breach response | Pleading and discovery | IR tickets, notification logs, forensic reports |
| Consumer mitigation | Settlement or program terms | Enrollment records, vendor SOC reports |
Document-type guide: compliance-justification-document
Writing tips: Writing best practices