Comparing a Security Strategic Plan to a Security Policy and Aligning to Security Controls
Information Systems Governance
Wk 4 – Comparing a Security Strategic Plan to a Security Policy and Aligning to Security Controls
The information security strategic plan and security policies are strongly interrelated within an organization’s information security program. The security plan and security policies will drive the foundation and selection of security controls to be implemented within the organization.
Part 1
Write a 1- to 2-page summary of the comparison chart of strategic plans and security policies you completed in this week’s Learning Team assignment.
Part 2
Review the control families described in this week’s reading, NIST SP 800-53a Revision 4, Assessing Security and Privacy Controls for Federal Information Systems and Organizations.
Review the controls from this week’s reading, CIS Controls V7.1.
Develop a 2- to 3-page matrix using Aligning Security Controls to NIST Security Controls Matrix Template that accurately maps CIS controls to NIST security control families. Note that some CIS controls may map to multiple NIST control families.
Cite all sources using APA guidelines
Paper Format: APA
Number of pages: 3
Withdrawn NIST Technical Series Publication Warning Notice The attached publication has been withdrawn (archived), and is provided solely for historical purposes. It may have been superseded by another publication (indicated below). Withdrawn Publication Series/Number NIST Special Publication 800-53A Revision 4 Title Assessing Security and Privacy Controls in Federal Information Systems and Organizations: Building Effective Assessment Plans Publication Date(s) December 18, 2014 Withdrawal Date January 25, 2023 Withdrawal Note NIST SP 800-53A Rev. 4 is withdrawn and superseded in its entirety by NIST SP 800-53A Rev. 5. Withdrawal of Revision 4 occurs one year after the publication of Revision 5. Superseding Publication(s) (if applicable) The attached publication has been superseded by the following publication(s): Series/Number NIST SP 800-53A Revision 5 Title Assessing Security and Privacy Controls in Information Systems and Organizations Author(s) Joint Task Force Publication Date(s) January 25, 2022 URL/DOI https://doi.org/10.6028/NIST.SP.800-53Ar5 Additional Information (if applicable) Contact Computer Security Division (Information Technology Laboratory) Latest revision of the attached publication Related Information https://csrc.nist.gov/publications/detail/sp/800-53A/rev-5/final Withdrawal Announcement Link
Answer preview to Comparing a Security Strategic Plan to a Security Policy and Aligning to Security Controls
APA
349 words