Expert Advice Community

NIST, COSO and ISO 27001

Guest user. Created: Jun 07, 2017. Last commented: Jun 07, 2017

What is the advantage of ISO 27001 over a competing framework such as NIST or COSO?

Expert
Rhand Leal Jun 07, 2017

Answer: In fact these frameworks are not competitors, but they complement each other. COSO gives you a corporate view for risk management, and NIST SP 800 series provides security practices for IT environments. As for ISO 27001, it provides you a framework for managing information security, considering not only IT environments, but also physical and human aspects, as well as business objectives.

That said, while ISO 27001 is more prepared to manage information security than NIST standards and COSO, it can benefit from the other two frameworks for complementing its approach regarding IT controls and understanding of risk in business context.

These articles will provide you further explanation about these frameworks:
- How to integrate COSO, COBIT, and ISO 27001 frameworks https://advisera.com/27001academy/blog/2016/10/10/how-to-integrate-coso-cobit-and-iso-27001-frameworks/
- How to use the NIST SP800 series of standards for ISO 27001 implementation https://advisera.com/27001academy/blog/2016/05/02/how-to-use-the-nist-sp800-series-of-standards-for-iso-27001-implementation/
