Guest
NIST, COSO and ISO 27001
What is the advantage of ISO 27001 over a competing framework such as NIST or COSO?
Expert
Rhand Leal
Jun 07, 2017
Answer: In fact these frameworks are not competitors, but they complement each other. COSO gives you a corporate view for risk management, and NIST SP 800 series provides security practices for IT environments. As for ISO 27001, it provides you a framework for managing information security, considering not only IT environments, but also physical and human aspects, as well as business objectives.
That said, while ISO 27001 is more prepared to manage information security than NIST standards and COSO, it can benefit from the other two frameworks for complementing its approach regarding IT controls and understanding of risk in business context.
These articles will provide you further explanation about these frameworks:
- How to integrate COSO, COBIT, and ISO 27001 frameworks https://advisera.com/27001academy/blog/2016/10/10/how-to-integrate-coso-cobit-and-iso-27001-frameworks/
- How to use the NIST SP800 series of standards for ISO 27001 implementation https://advisera.com/27001academy/blog/2016/05/02/how-to-use-the-nist-sp800-series-of-standards-for-iso-27001-implementation/