100 word response 1 reference Due 1/28/2023
ISO 27001 is an information security management standard published back in 2005 that organizations/groups can certify against. It contains a set of controls that businesses can use to help them with their risk management, containing a combination of policies, procedures, and systems which an organization can leverage in its InfoSec arrangements (Brotby, 2009; ISO, 2022). CobiT is a comprehensive management and governance framework that can be used as a standalone framework or complement other frameworks. The latest CobiT principles include Provide Stakeholder Value, Holistic Approach, Dynamic Governance System, Governance Distinct from Management, Tailored to Enterprise Needs, and End-to-End Governance System (Braga, 2020). The NIST (National Institute of Standards and Technology) Cybersecurity Framework (CSF) is a technology-agnostic cybersecurity framework that cannot be certified against but does have an implementer certification (NICCS, n.d.). The NIST CSF's core activities are Identify, Protect, Detect, Respond, and Recover. The framework calls for the organization to have a plan to implement and maintain the ability to adapt, much like CobiT does.
CobiT is not directly focusing on IT ops or information security but has been mapped to ISO 27001 and ISO 27002, which are focused on information security (Brotby, 2009; Braga, 2020). It can help improve information quality and insights for organizations and can aid in a company’s risk management approach by providing measures for it to manage and reduce enterprise-wide risks. That being said, it is important to note that CobiT is intended to resolve business problems, not IT problems. However, some aspects of IT may benefit from the framework to keep all departments aligned. The NIST cybersecurity framework references CobiT practices. CobiT references NIST publications at the process level (Thomas, 2017). The controls overlap between the NIST CSF and 27001, and in reviewing the controls and recommendations, both are easily woven into other frameworks like CobiT; it is recommended to combine them to have that balance between InfoSec, IT ops, and management/governance since neither set is fully effective on its own.
Delivering a high-quality product at a reasonable price is not enough anymore.
That’s why we have developed 5 beneficial guarantees that will make your experience with our service enjoyable, easy, and safe.
You have to be 100% sure of the quality of your product to give a money-back guarantee. This describes us perfectly. Make sure that this guarantee is totally transparent.
Read moreEach paper is composed from scratch, according to your instructions. It is then checked by our plagiarism-detection software. There is no gap where plagiarism could squeeze in.
Read moreThanks to our free revisions, there is no way for you to be unsatisfied. We will work on your paper until you are completely happy with the result.
Read moreYour email is safe, as we store it according to international data protection rules. Your bank details are secure, as we use only reliable payment systems.
Read moreBy sending us your money, you buy the service we provide. Check out our terms and conditions if you prefer business talks to be laid out in official language.
Read more
Recent Comments