Expert Advice Community

Guest

Are templates mapped with NIST and CIS 20 requirements

  Quote
Guest
Guest user Created:   Jan 20, 2021 Last commented:   Jan 20, 2021

Are templates mapped with NIST and CIS 20 requirements

I have a question regarding the policies and standards that will be customised. Is the template are mapped with NIST and CIS 20 requirements?

Assign topic to the user

Assign

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

Expert
Rhand Leal Jan 20, 2021

By your question, I’m assuming you are referring to templates of the ISO 27001 Documentation Toolkit.

Considering that, these templates are developed considering the requirements of ISO 27001 standard, so there is no available mapping to NIST and CIS 20 requirements.

However, included in the toolkit there is a List of documents file that shows which clauses and controls of the standard are covered by each template. Additionally, NIST documents already have annexes that identify the relations between their requirements and ISO 27001 requirements (e.g., NIST 800-171 Annex D and NIST 800-53 Annex H).

As for CIS 20, most of its controls can be related to ISO 27001 Annex A controls (e.g., CIS control “Inventory and Control of Hardware Assets” can be related to ISO 27001 controls “A.8.1.1 Inventory of assets” and “A.8.1.2 Ownership of assets”).

These articles will provide you a further explanation:

These materials will also help you regarding ISO 27001:

Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Jan 20, 2021

Jan 20, 2021

Suggested Topics