Management of Information Security (MindTap Course List)
5th Edition
ISBN: 9781305501256
Author: Michael E. Whitman, Herbert J. Mattord
Publisher: Cengage Learning
expand_more
expand_more
format_list_bulleted
Concept explainers
Question
Chapter 8, Problem 2E
Program Plan Intro
ISO/IEC 27001:
- ISO/IEC 27001 is a specification for an
information security management system (ISMS) which is established in 2005 for creating the security practices better and more efficient. - An information security management system is a framework of rules and events that contains all technical, legal and physical controls involved in company’s information risk management processes.
NIST:
- NIST refers “The National Security Telecommunications and
Information system Security Committee” document. This document offers a complete model for information security. - It mentions the documentation of performance measurements in a regular format to guarantee the repeatability of the measurement collection, development, customization and reporting activities.
Explanation of Solution
Strengths of NIST programs compared to the ISO:
- One of the main strengths of NIST is that there is excess of presence of documentation which can be used to make a forceful information security environment.
- This framework helps in prioritizing the high risks that the organization faces.
- This framework helps an organization to emphasis on actual risks first and concern about not so critical risks later.
- This framework emphases on a risk based method by employing the best practices from already recognized frameworks like COBIT, ISO and many such...
Expert Solution & Answer
Trending nowThis is a popular solution!
Students have asked these similar questions
To what end does ISO serve system developers?
What is ISO, and why is it vital to a systems developer?
What exactly is ISO, and why is having a good understanding of it crucial for a systems
developer?
Chapter 8 Solutions
Management of Information Security (MindTap Course List)
Ch. 8 - Prob. 1RQCh. 8 - Prob. 2RQCh. 8 - Prob. 3RQCh. 8 - Prob. 4RQCh. 8 - Prob. 11RQCh. 8 - Prob. 12RQCh. 8 - Prob. 13RQCh. 8 - Prob. 14RQCh. 8 - Prob. 15RQCh. 8 - Prob. 16RQ
Ch. 8 - Prob. 17RQCh. 8 - Prob. 18RQCh. 8 - Prob. 19RQCh. 8 - Prob. 20RQCh. 8 - Prob. 5RQCh. 8 - Prob. 7RQCh. 8 - Prob. 6RQCh. 8 - Prob. 8RQCh. 8 - Prob. 9RQCh. 8 - Prob. 10RQCh. 8 - Prob. 1ECh. 8 - Prob. 2ECh. 8 - Prob. 3ECh. 8 - Prob. 4ECh. 8 - Prob. 5ECh. 8 - Prob. 1DQCh. 8 - Prob. 2DQCh. 8 - Prob. 3DQCh. 8 - Prob. 4DQCh. 8 - Prob. 1EDM
Knowledge Booster
Learn more about
Need a deep-dive on the concept behind this application? Look no further. Learn more about this topic, computer-science and related others by exploring similar questions and additional content below.Similar questions
- Who or what are the people or things that formal techniques are meant to address? The implementation of standards requires the existence of at least four positive outcomes associated with doing so.arrow_forwardWhat exactly is a Gantt chart? What is the purpose of it?arrow_forwardHow can OLAP be used?arrow_forward
arrow_back_ios
arrow_forward_ios
Recommended textbooks for you
- Management Of Information SecurityComputer ScienceISBN:9781337405713Author:WHITMAN, Michael.Publisher:Cengage Learning,
Management Of Information Security
Computer Science
ISBN:9781337405713
Author:WHITMAN, Michael.
Publisher:Cengage Learning,