Guest
ISO 27002, NIST, and the Cybersecurity Framework
What are the alignments between ISO 27002, NIST, and the Cybersecurity Framework?
Expert
Rhand Leal
Sep 02, 2017
Answer: All these references provide guidance on the implementation of security controls. ISO 27002 provides guidance on the controls from Annex A of the ISO 27001 standard. The NIST Special Publications from the 800 series (SP-800) provide a series of documents with more detailed recommendations both on the implementation of controls (e.g., cryptography, access control, etc.) and on the implementation of a risk management framework. The Cybersecurity Framework is kind of a specific application of NIST documents related to the cyber environment.
These articles will provide you further explanation about these documents:
- ISO 27001 vs. ISO 27002 https://advisera.com/27001academy/knowledgebase/iso-27001-vs-iso-27002/
- How to use the NIST SP800 series of standards for ISO 27001 implementation https://advisera.com/27001academy/blog/2016/05/02/how-to-use-the-nist-sp800-series-of-standards-for-iso-27001-implementation/
- How to use NIST SP 800-53 for the implementation of ISO 27001 controls https://advisera.com/27001academy/blog/2016/05/10/how-to-use-nist-sp-800-53-for-the-implementation-of-iso-27001-controls/
- Which one to go with – Cybersecurity Framework or ISO 27001? https://advisera.com/27001academy/blog/2014/02/24/which-one-to-go-with-cybersecurity-framework-or-iso-27001/