Take the ISO 27001 course exam and get the EU GDPR course exam for free
LIMITED-TIME OFFER – VALID UNTIL SEPTEMBER 30, 2021

Expert Advice Community

Guest

ISO 27001 and NIST 800

  Quote
Guest
Guest user Created:   Mar 16, 2021 Last commented:   Mar 16, 2021

ISO 27001 and NIST 800

How does ISO 27001 complement or conflict with NIST 800?

1 0

Assign topic to the user

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

Expert
Rhand Leal Mar 16, 2021

First, let's understand both NIST and ISO 27001:
- NIST SP-800 series of documents provide detailed information about processes to select and implement controls for computer security
- ISO 27001 provides general requirements for the implementation, operation, control, and improvement of a management system to protect the information, regardless of the environment where it is (e.g., physical reports or digital databases). ISO 27001 provides protection through the selection of security controls described in Annex A, as well other controls that can be added by the organization.  

Considering that, you can use the ISO 27001 to implement the overall approach to protect the information, and after the identification of controls, you can use the NIST documents to implement the details for each control. For example, you can use information from SP 800-53 control for contingency plan testing to implement the Disaster Recovery Plan template.

These articles will provide you a further explanation about ISO 27001 and NIST:
- What is ISO 27001 https://advisera.com/27001academy/what-is-iso-27001/
- The basic logic of ISO 27001: How does information security work? https://advisera.com/27001academy/knowledgebase/the-basic-logic-of-iso-27001-how-does-information-security-work/
- How to use NIST SP 800-53 for the implementation of ISO 27001 controls https://advisera.com/27001academy/blog/2016/05/10/how-to-use-nist-sp-800-53-for-the-implementation-of-iso-27001-controls/

Quote
1 1

Comment as guest or Sign in

HTML tags are not allowed

Mar 16, 2021

Mar 16, 2021