October 2022
Intermediate to advanced
398 pages
14h 14m
English
We discussed the importance of frameworks. Many IT organizations have adopted the use of different frameworks. An IT shop may deploy controls based on ISO versus NIST versus COBIT. Even within NIST, is it NIST CSF or NIST 800-53? How do we convey our findings in the context of a framework? Fortunately, there is no shortage of framework mapping. For example, NIST.gov (n.d.) has a framework mapping in the format of an Excel spreadsheet.
These mappings, especially in the format of Excel, can be easily modified as assessment checklists. Let’s look at a portion of the NIST Cybersecurity Framework (CSF) spreadsheet previously mentioned as illustrated in Table 7-5.
This spreadsheet ...
Read now
Unlock full access