With ISO 27002, ITIL, CobiT, NIST 800-53 controls available, can you identify the most appropriate control set for your organization (or industry, as you choose)? Upon what do you base your choice? If none of those sets work for you, what controls can you propose? If you already have a set of controls in place, identify them and discuss why your organization selected that set.
The control set for the company could be any of the options provided above (ISO 27002, ITIL, CobiT and NIST 800-53), chosen based on the requirement. The functions of each control set are listed below.
ISO 27002 controls have a fixed focus on information security for an organization; when we want to implement those controls, we use ISO 27002.
COBIT is the leading business framework for the governance and management of enterprise IT. It is the product of a worldwide task force and development team from ISACA, a nonprofit, independent association of more than 140,000 governance, security, risk and assurance professionals in 187 countries. COBIT incorporates the latest thinking in enterprise governance and management techniques, and provides globally accepted principles, practices, analytical tools and models to help increase the trust in, and value from, information systems.
ITIL can benefit any organization that provides an IT service management (ITSM) product or service. As a set of practices that gives practical and strategic guidance for ITSM, ITIL is used as a guide to help groups improve the value of their services by focusing on solving business problems rather than simply improving IT capabilities. Organizations use ITIL as a framework for improving or implementing capabilities that will provide specific business value.
NIST 800-53 is a publication that recommends security controls for federal information systems and organizations and documents security controls for all federal information systems, except those designed for national security.
NIST 800-53 is published by the National Institute of Standards and Technology, which creates and promotes the standards used by federal agencies to implement the Federal Information Security Management Act (FISMA) and manage other programs designed to protect information and promote information security.