Management Of Information Security
6th Edition
ISBN: 9781337405713
Author: WHITMAN, Michael.
Publisher: Cengage Learning,
expand_more
expand_more
format_list_bulleted
Concept explainers
Question
Chapter 8, Problem 2E
Program Plan Intro
ISO/IEC 27001:
- ISO/IEC 27001 is a specification for an
information security management system (ISMS) which is established in 2005 for creating the security practices better and more efficient. - An information security management system is a framework of rules and events that contains all technical, legal and physical controls involved in company’s information risk management processes.
NIST:
- NIST refers “The National Security Telecommunications and
Information system Security Committee” document. This document offers a complete model for information security. - It mentions the documentation of performance measurements in a regular format to guarantee the repeatability of the measurement collection, development, customization and reporting activities.
Explanation of Solution
Strengths of NIST programs compared to the ISO:
- One of the main strengths of NIST is that there is excess of presence of documentation which can be used to make a forceful information security environment.
- This framework helps in prioritizing the high risks that the organization faces.
- This framework helps an organization to emphasis on actual risks first and concern about not so critical risks later.
- This framework emphases on a risk based method by employing the best practices from already recognized frameworks like COBIT, ISO and many such...
Expert Solution & Answer
Trending nowThis is a popular solution!
Students have asked these similar questions
What exactly is ISO, and why is familiarity with it essential for those who create computer systems?
Describe the significance of the ISO to the people who developed the system.
What is Flask-WTF and what are their features?
Chapter 8 Solutions
Management Of Information Security
Ch. 8 - Prob. 1RQCh. 8 - Prob. 2RQCh. 8 - Prob. 3RQCh. 8 - Prob. 4RQCh. 8 - Prob. 5RQCh. 8 - Prob. 6RQCh. 8 - Prob. 7RQCh. 8 - Prob. 8RQCh. 8 - Prob. 9RQCh. 8 - Prob. 10RQ
Ch. 8 - Prob. 11RQCh. 8 - Prob. 12RQCh. 8 - Prob. 13RQCh. 8 - Prob. 14RQCh. 8 - Prob. 15RQCh. 8 - Prob. 16RQCh. 8 - Prob. 17RQCh. 8 - Prob. 18RQCh. 8 - Prob. 19RQCh. 8 - Prob. 20RQCh. 8 - Prob. 1ECh. 8 - Prob. 2ECh. 8 - Prob. 3ECh. 8 - Prob. 4ECh. 8 - Prob. 5ECh. 8 - Prob. 1DQCh. 8 - Prob. 2DQCh. 8 - Prob. 3DQCh. 8 - Prob. 4DQCh. 8 - Prob. 1EDM
Knowledge Booster
Learn more about
Need a deep-dive on the concept behind this application? Look no further. Learn more about this topic, computer-science and related others by exploring similar questions and additional content below.Similar questions
arrow_back_ios
arrow_forward_ios
Recommended textbooks for you
- Management Of Information SecurityComputer ScienceISBN:9781337405713Author:WHITMAN, Michael.Publisher:Cengage Learning,Principles of Information Security (MindTap Cours...Computer ScienceISBN:9781337102063Author:Michael E. Whitman, Herbert J. MattordPublisher:Cengage LearningPrinciples of Information Systems (MindTap Course...Computer ScienceISBN:9781305971776Author:Ralph Stair, George ReynoldsPublisher:Cengage Learning
Management Of Information Security
Computer Science
ISBN:9781337405713
Author:WHITMAN, Michael.
Publisher:Cengage Learning,
Principles of Information Security (MindTap Cours...
Computer Science
ISBN:9781337102063
Author:Michael E. Whitman, Herbert J. Mattord
Publisher:Cengage Learning
Principles of Information Systems (MindTap Course...
Computer Science
ISBN:9781305971776
Author:Ralph Stair, George Reynolds
Publisher:Cengage Learning