Chapter 7

Comparison of Federal and International Security Certification Standards

Information in this chapter:

• Introduction

• Overview of Certification and Accreditation

• NIST and ISO/IEC Information Security Standards

Introduction

Managing information security and compliance requirements on an audit-by-audit basis can be difficult, particularly where security control assessment results and evidence are gathered, analyzed, and reported simultaneously. This duplication of effort can result in significant inefficiencies and an unproductive use of resources. However, the ability to leverage reuse and satisfy multiple compliance and contractual obligations requires a comprehensive information security and compliance ...
