Expert Advice Community

ISO 27002 NIST and the Cybersecurity Framework

Guest user. Created: Sep 02, 2017. Last commented: Sep 02, 2017.

What are the alignments between ISO 27002, NIST, and the Cybersecurity Framework?
Expert
Rhand Leal Sep 02, 2017

Answer: All these references provide guidance on the implementation of security controls. ISO 27002 provides guidance on the controls from Annex A of the ISO 27001 standard. The NIST Special Publications from the 800 series (SP-800) provide a series of documents with more detailed recommendations both on the implementation of controls (e.g., cryptography, access control, etc.) and on the implementation of a risk management framework. The Cybersecurity Framework is kind of a specific application of NIST documents related to the cyber environment.

These articles will provide you further explanation about these documents:
- ISO 27001 vs. ISO 27002 https://advisera.com/27001academy/knowledgebase/iso-27001-vs-iso-27002/
- How to use the NIST SP800 series of standards for ISO 27001 implementation https://advisera.com/27001academy/blog/2016/05/02/how-to-use-the-nist-sp800-series-of-standards-for-iso-27001-implementation/
- How to use NIST SP 800-53 for the implementation of ISO 27001 controls https://advisera.com/27001academy/blog/2016/05/10/how-to-use-nist-sp-800-53-for-the-implementation-of-iso-27001-controls/
- Which one to go with – Cybersecurity Framework or ISO 27001? https://advisera.com/27001academy/blog/2014/02/24/which-one-to-go-with-cybersecurity-framework-or-iso-27001/