Unit 2 Assignment 1: Frameworks Essay

Role in Information Technology Security Domains and Auditing Compliance

Framework 1: First, NIST's 800-53 is a good starting point. It addresses Federal Information Security Management; however, it may not completely meet the needs of the Defence Spectrum Organization in regard to wireless communications security. This framework is well known and can be used by external entities to determine possible weaknesses in the framework.

Framework 2: ISO/IEC 27002 is also an improvement on the framework in that it is not public and an organization must pay for the use of the copyrighted framework. It also provides cyclical guidance for continual assessment through the "Plan, Do, Check, and Act" cycle.

Framework 3: ISO/IEC 27011 is a framework based on ISO/IEC 27002 but is more specific to the electromagnetic spectrum and wireless telecommunications. It will more closely meet the needs of the Defence Spectrum Organization.

Using each framework's section summaries, an overall hybrid framework can be created that may be best suited for this project.

| NIST 800-53 | ISO/IEC 27002 | ISO/IEC 27011 |
| --- | --- | --- |
| Control | Risk Management | |
| Supplemental Guidance | Policy | |
| Control Enhancements | Organization | Organization |
| References | Asset Management | Asset Management |
| Priority and Baseline Allocation | Human resources | Human resources |
| | Physical and Environmental | Physical and Environmental |
| | Communications and Operations | Communications and Operations |
| | Access Control | Access Control |
| | Acquisition, Development, Maintenance | Acquisition, Development, Maintenance |
| | Incident Management | Incident Management |
| | Business Continuity | Business Continuity |
| | Compliance | Telecommunications extended control set |

A hybrid framework summary would look like the following table:

| Hybrid Framework |
| --- |
| Policy |
| Risk Management |
| Asset Management |
| Business Continuity |
| Priority |
