Expert Advice Community

ISO 27001 map to NIST

Guest user Created:   Nov 21, 2018 Last commented:   Nov 21, 2018

I am working on a bid for an ISO 27001 project, creating information security standards documents that are aligned with ISO 27001, but which also map to NIST CSF, NIST 800-53, NYS DFS 500, and GLBA.

Expert
Rhand Leal Nov 21, 2018
Any thoughts or advice would be appreciated including your products or services that would be most helpful, including the below.
https://advisera.com/27001academy/iso-27001-documentation-toolkit/
https://advisera.com/books/iso-27001-annex-controls-plain-english/
https://advisera.com/books/preparations-for-the-iso-implementation-project-a-plain-english-guide/

Answer:

Considering your demand, I suggest the ISO 27001 Documentation Toolkit. The templates are almost 80% complete, with comments about what must be kept and what can be adjusted according to your needs.

NIST 800-53 already has a map of its controls to the ISO 27001 standard (Annex H), which can help you identify which controls need to be adjusted considering our templates.

NIST CSF and ISO 27001 are closely related, in the sense that they complement each other (CSF provides a structured framework for controls implementation while ISO 27001 provides a worldwide recognized management framework to ensure the controls' pertinence, efficiency and effectiveness), and since CSF controls are mostly based on NIST 800-53 you can also use these to make adjustments to the templates' content.

About NYS DFS 500 and GLBA, unfortunately we do not have sufficient information to provide additional guidance.

These articles will provide you with further explanation about integrating ISO 27001 and NIST practices:
- How to use the NIST SP800 series of standards for ISO 27001 implementation https://advisera.com/27001academy/blog/2016/05/02/how-to-use-the-nist-sp800-series-of-standards-for-iso-27001-implementation/
- How to use NIST SP 800-53 for the implementation of ISO 27001 controls https://advisera.com/27001academy/blog/2016/05/10/how-to-use-nist-sp-800-53-for-the-implementation-of-iso-27001-controls/
- Which one to go with – Cybersecurity Framework or ISO 27001? https://advisera.com/27001academy/blog/2014/02/24/which-one-to-go-with-cybersecurity-framework-or-iso-27001/