TheArtOfService
Cross-Framework Mapping

ASEAN Data Management FrameworkvsSri Lanka Personal Data Protection Act (No. 9 of 2022)

See exactly how ASEAN Data Management Framework controls map to Sri Lanka Personal Data Protection Act (No. 9 of 2022). Pre-computed mappings, identified gaps, and coverage analysis.

20
Controls Mapped
19
Gaps Found
26%
Coverage

According to the TheArtOfService Compliance Knowledge Graph:

ASEAN Data Management Framework maps to Sri Lanka Personal Data Protection Act (No. 9 of 2022) with 26% coverage across 10 directly mapped controls. Analysis of 39 ASEAN Data Management Framework controls identifies 29 compliance gaps — primarily concentrated in Risk Assessment.

Source: TheArtOfService Knowledge Graph | 39 controls analysed | 693 frameworks | 819K+ cross-framework mappings

Control Mappings

Showing 20 of 20 mapped controls across 5 domains. Sign up to explore all 819K+ mappings across 693 frameworks.

Governance and Oversight(5 mappings)

Art. 17Governance Structure
SLPDPA-2Legal Bases for Processing (Section 5)
Art. 19Consent Management Controls3 targets
SLPDPA-10Data Breach Notification
SLPDPA-11Consent for Direct Marketing
SLPDPA-5Right to Object and Access
DMF-1.2Roles and Responsibilities
SLPDPA-2Legal Bases for Processing (Section 5)

Policies and Procedural Documents(3 mappings)

DMF-2.3Data Protection Safeguards3 targets
SLPDPA-13Establishment of Authority
SLPDPA-16Penalties (Part VII)
SLPDPA-9Data Protection Management Program

Risk Assessment(5 mappings)

DMF-4.1Impact Assessment
SLPDPA-9Data Protection Management Program
DMF-4.3Regulatory Risk Assessment3 targets
SLPDPA-13Establishment of Authority
SLPDPA-16Penalties (Part VII)
SLPDPA-9Data Protection Management Program
RA-1Security Risk Assessment
SLPDPA-9Data Protection Management Program

Controls and Data Lifecycle(6 mappings)

DMF-5.2Collection Controls3 targets
SLPDPA-10Data Breach Notification
SLPDPA-11Consent for Direct Marketing
SLPDPA-5Right to Object and Access
DMF-5.4Disposal Controls3 targets
SLPDPA-13Establishment of Authority
SLPDPA-16Penalties (Part VII)
SLPDPA-9Data Protection Management Program

Monitoring and Continuous Improvement(1 mappings)

DMF-6.4Incident Response and Learning
SLPDPA-10Data Breach Notification

Related Comparisons

Other ASEAN Data Management Framework comparisons

ASEAN Data Management Framework vs ILO Nursing Personnel Convention C149 (1977)17 mappingsASEAN Data Management Framework vs 6th Anti-Money Laundering Directive (AMLD6, Directive (EU) 2018/1673)16 mappingsASEAN Data Management Framework vs ISO 8000 — Data Quality16 mappingsASEAN Data Management Framework vs FATF Recommendation 16 — Virtual Asset Travel Rule16 mappingsASEAN Data Management Framework vs Privacy by Design (PbD) — Seven Foundational Principles16 mappingsASEAN Data Management Framework vs BS 65000:2014 — Guidance on Organizational Resilience16 mappingsASEAN Data Management Framework vs TISAX — Trusted Information Security Assessment Exchange16 mappingsASEAN Data Management Framework vs Singapore Government Instruction Manual on ICT&SS Management (IM8)16 mappings

Other Sri Lanka Personal Data Protection Act (No. 9 of 2022) comparisons

Angola Personal Data Protection Law (Law No. 22/11) vs Sri Lanka Personal Data Protection Act (No. 9 of 2022)7 mappingsHungary Act CXII of 2011 on Informational Self-Determination and Freedom of Information (Info Act) vs Sri Lanka Personal Data Protection Act (No. 9 of 2022)7 mappingsCISA Cross-Sector Cybersecurity Performance Goals (CPG) 2.0 vs Sri Lanka Personal Data Protection Act (No. 9 of 2022)7 mappingsChile Personal Data Protection Law (Law No. 21.719) vs Sri Lanka Personal Data Protection Act (No. 9 of 2022)7 mappingsBosnia and Herzegovina Law on Protection of Personal Data (2006, amended 2011) vs Sri Lanka Personal Data Protection Act (No. 9 of 2022)7 mappingsEU Machinery Regulation (Regulation (EU) 2023/1230) vs Sri Lanka Personal Data Protection Act (No. 9 of 2022)7 mappingsEU General Product Safety Regulation (GPSR, Regulation 2023/988) vs Sri Lanka Personal Data Protection Act (No. 9 of 2022)7 mappingsChina Personal Information Protection Law (PIPL) vs Sri Lanka Personal Data Protection Act (No. 9 of 2022)7 mappings

Stop Paying Consultants to Read Spreadsheets

AI-powered compliance intelligence across 693 frameworks — at a fraction of consulting costs.

$0/forever

Free

  • 693 framework browser
  • Cross-framework mappings (819K+)
  • 824 compliance assessments
  • 3 AI queries & searches per day
Get Started Free
Recommended
$49/month

Professional

  • Unlimited AI Compliance Advisory
  • Unlimited full-text search
  • Framework self-assessment
  • PDF, Excel & CSV exports
Start 7-Day Free Trial →

Popular framework comparisons

NIST CSF vs NIST 800-53ISO 27001 vs NIST CSFCMMC vs NIST 800-53FedRAMP vs NIST 800-53NIST CSF vs SOC 2HIPAA vs NIST 800-53ISO 27001 vs SOC 2ISO 27001 vs ISO 27701

What are the key differences between ASEAN Data Management Framework and Sri Lanka Personal Data Protection Act (No. 9 of 2022)?

ASEAN Data Management Framework has 39 controls across its framework, while Sri Lanka Personal Data Protection Act (No. 9 of 2022) covers 16 controls. Direct mapping analysis identifies 10 overlapping controls (26% coverage). The frameworks diverge most significantly in Risk Assessment, where 10 ASEAN Data Management Framework controls have no direct Sri Lanka Personal Data Protection Act (No. 9 of 2022) equivalent.

How many controls map between ASEAN Data Management Framework and Sri Lanka Personal Data Protection Act (No. 9 of 2022)?

Of 39 total ASEAN Data Management Framework controls, 10 map directly to Sri Lanka Personal Data Protection Act (No. 9 of 2022) controls — representing 26% coverage. The remaining 29 controls represent compliance gaps requiring additional documentation or compensating controls to satisfy both frameworks simultaneously.

What are the compliance gaps when mapping ASEAN Data Management Framework to Sri Lanka Personal Data Protection Act (No. 9 of 2022)?

29 ASEAN Data Management Framework controls have no direct equivalent in Sri Lanka Personal Data Protection Act (No. 9 of 2022). The highest concentration of gaps is in Risk Assessment with 10 unmapped controls. These gaps represent areas where additional controls, policies, or documentation must be created to achieve compliance with both frameworks.

Which control domains have the most gaps between ASEAN Data Management Framework and Sri Lanka Personal Data Protection Act (No. 9 of 2022)?

The domain with the highest gap count is Risk Assessment (10 gaps). Export the full domain-by-domain gap breakdown via the Professional tier to generate a prioritised remediation roadmap.

Related Resources

How to Map Controls Across Frameworks|Multi-Framework Compliance Guide|Compliance Glossary

This platform provides educational compliance tools, not legal, regulatory, or professional compliance advice. Cross-framework mappings are AI-assisted interpretations and do not reproduce or replace official standards. Framework names and trademarks belong to their respective owners. Consult qualified professionals for your specific compliance requirements. See our Terms of Service.