TheArtOfService
Cross-Framework Mapping

China Personal Information Protection Law (PIPL)vsSri Lanka Personal Data Protection Act (No. 9 of 2022)

See exactly how China Personal Information Protection Law (PIPL) controls map to Sri Lanka Personal Data Protection Act (No. 9 of 2022). Pre-computed mappings, identified gaps, and coverage analysis.

34
Controls Mapped
0
Gaps Found
40%
Coverage

According to the TheArtOfService Compliance Knowledge Graph:

China Personal Information Protection Law (PIPL) maps to Sri Lanka Personal Data Protection Act (No. 9 of 2022) with 40% coverage across 12 directly mapped controls. Analysis of 30 China Personal Information Protection Law (PIPL) controls identifies 18 compliance gaps — primarily concentrated in Personal Information Handling Rules (Chapter II).

Source: TheArtOfService Knowledge Graph | 30 controls analysed | 693 frameworks | 819K+ cross-framework mappings

Control Mappings

Showing 20 of 34 mapped controls across 6 domains. Sign up to explore all 819K+ mappings across 693 frameworks.

Personal Information Handling Rules (Chapter II)(1 mappings)

Art. 28-32Sensitive Personal Information Processing
SLPDPA-9Data Protection Management Program

General Provisions (Chapter I)(2 mappings)

Art. 4-5Definitions and Core Principles
SLPDPA-2Legal Bases for Processing (Section 5)
Art. 6-7Purpose Limitation and Minimization
SLPDPA-2Legal Bases for Processing (Section 5)

Cross-Border Data Transfer (Chapter III)(3 mappings)

Art. 40Establishment and Composition3 targets
SLPDPA-10Data Breach Notification
SLPDPA-11Consent for Direct Marketing
SLPDPA-5Right to Object and Access

Individual Rights (Chapter IV)(14 mappings)

Art. 44Right to Effective Judicial Remedy3 targets
SLPDPA-10Data Breach Notification
SLPDPA-11Consent for Direct Marketing
SLPDPA-5Right to Object and Access
Art. 45Data Protection Officer3 targets
SLPDPA-13Establishment of Authority
SLPDPA-16Penalties (Part VII)
SLPDPA-9Data Protection Management Program
Art. 47Existing Legal Procedures3 targets
SLPDPA-10Data Breach Notification
SLPDPA-11Consent for Direct Marketing
SLPDPA-5Right to Object and Access
Art. 48Criminal Penalties3 targets
SLPDPA-13Establishment of Authority
SLPDPA-16Penalties (Part VII)
SLPDPA-9Data Protection Management Program
Art. 49Collective Dispute Resolution2 targets
SLPDPA-10Data Breach Notification
SLPDPA-11Consent for Direct Marketing

+14 more mappings

Plus AI-powered gap analysis, compliance advisory, PDF exports, and cross-mapping for all 693 frameworks.

Create Free Account →

Free forever — no credit card required

Related Comparisons

Other China Personal Information Protection Law (PIPL) comparisons

China Personal Information Protection Law (PIPL) vs Chile Personal Data Protection Law (Law No. 21.719)15 mappingsChina Personal Information Protection Law (PIPL) vs ASEAN Data Management Framework15 mappingsChina Personal Information Protection Law (PIPL) vs South Korea PIPA15 mappingsChina Personal Information Protection Law (PIPL) vs Digital Services Act (DSA) - Regulation (EU) 2022/206514 mappingsChina Personal Information Protection Law (PIPL) vs EU Digital Services Act (Regulation (EU) 2022/2065)14 mappingsChina Personal Information Protection Law (PIPL) vs Côte d'Ivoire Law No. 2013-450 on the Protection of Personal Data14 mappingsChina Personal Information Protection Law (PIPL) vs Malta Data Protection Act (Cap. 586, 2018)14 mappingsChina Personal Information Protection Law (PIPL) vs African Union Malabo Convention14 mappings

Other Sri Lanka Personal Data Protection Act (No. 9 of 2022) comparisons

Angola Personal Data Protection Law (Law No. 22/11) vs Sri Lanka Personal Data Protection Act (No. 9 of 2022)7 mappingsHungary Act CXII of 2011 on Informational Self-Determination and Freedom of Information (Info Act) vs Sri Lanka Personal Data Protection Act (No. 9 of 2022)7 mappingsCISA Cross-Sector Cybersecurity Performance Goals (CPG) 2.0 vs Sri Lanka Personal Data Protection Act (No. 9 of 2022)7 mappingsChile Personal Data Protection Law (Law No. 21.719) vs Sri Lanka Personal Data Protection Act (No. 9 of 2022)7 mappingsBosnia and Herzegovina Law on Protection of Personal Data (2006, amended 2011) vs Sri Lanka Personal Data Protection Act (No. 9 of 2022)7 mappingsEU Machinery Regulation (Regulation (EU) 2023/1230) vs Sri Lanka Personal Data Protection Act (No. 9 of 2022)7 mappingsEU General Product Safety Regulation (GPSR, Regulation 2023/988) vs Sri Lanka Personal Data Protection Act (No. 9 of 2022)7 mappingsMorocco Data Protection Law (09-08) vs Sri Lanka Personal Data Protection Act (No. 9 of 2022)7 mappings

Stop Paying Consultants to Read Spreadsheets

AI-powered compliance intelligence across 693 frameworks — at a fraction of consulting costs.

$0/forever

Free

  • 693 framework browser
  • Cross-framework mappings (819K+)
  • 824 compliance assessments
  • 3 AI queries & searches per day
Get Started Free
Recommended
$49/month

Professional

  • Unlimited AI Compliance Advisory
  • Unlimited full-text search
  • Framework self-assessment
  • PDF, Excel & CSV exports
Start 7-Day Free Trial →

Popular framework comparisons

NIST CSF vs NIST 800-53ISO 27001 vs NIST CSFCMMC vs NIST 800-53FedRAMP vs NIST 800-53NIST CSF vs SOC 2HIPAA vs NIST 800-53ISO 27001 vs SOC 2ISO 27001 vs ISO 27701

What are the key differences between China Personal Information Protection Law (PIPL) and Sri Lanka Personal Data Protection Act (No. 9 of 2022)?

China Personal Information Protection Law (PIPL) has 30 controls across its framework, while Sri Lanka Personal Data Protection Act (No. 9 of 2022) covers 16 controls. Direct mapping analysis identifies 12 overlapping controls (40% coverage). The frameworks diverge most significantly in Personal Information Handling Rules (Chapter II), where 5 China Personal Information Protection Law (PIPL) controls have no direct Sri Lanka Personal Data Protection Act (No. 9 of 2022) equivalent.

How many controls map between China Personal Information Protection Law (PIPL) and Sri Lanka Personal Data Protection Act (No. 9 of 2022)?

Of 30 total China Personal Information Protection Law (PIPL) controls, 12 map directly to Sri Lanka Personal Data Protection Act (No. 9 of 2022) controls — representing 40% coverage. The remaining 18 controls represent compliance gaps requiring additional documentation or compensating controls to satisfy both frameworks simultaneously.

What are the compliance gaps when mapping China Personal Information Protection Law (PIPL) to Sri Lanka Personal Data Protection Act (No. 9 of 2022)?

18 China Personal Information Protection Law (PIPL) controls have no direct equivalent in Sri Lanka Personal Data Protection Act (No. 9 of 2022). The highest concentration of gaps is in Personal Information Handling Rules (Chapter II) with 5 unmapped controls. These gaps represent areas where additional controls, policies, or documentation must be created to achieve compliance with both frameworks.

Which control domains have the most gaps between China Personal Information Protection Law (PIPL) and Sri Lanka Personal Data Protection Act (No. 9 of 2022)?

The domain with the highest gap count is Personal Information Handling Rules (Chapter II) (5 gaps). Export the full domain-by-domain gap breakdown via the Professional tier to generate a prioritised remediation roadmap.

Related Resources

How to Map Controls Across Frameworks|Multi-Framework Compliance Guide|Compliance Glossary

This platform provides educational compliance tools, not legal, regulatory, or professional compliance advice. Cross-framework mappings are AI-assisted interpretations and do not reproduce or replace official standards. Framework names and trademarks belong to their respective owners. Consult qualified professionals for your specific compliance requirements. See our Terms of Service.