Comparing a Security Strategic Plan to a Security Policy and Aligning to Security Controls
The information security strategic plan and security policies are strongly interrelated within an organization’s information security program. The security plan and security policies will drive the foundation and selection of security controls to be implemented within the organization.
Review the control families described in this week’s reading, NIST SP 800-53a Revision 4, Assessing Security and Privacy Controls for Federal Information Systems and Organizations.
Review the controls from this week’s reading, CIS Controls V7.1.
Develop a 2- to 3-page matrix using Aligning Security Controls to NIST Security Controls Matrix Templatethat accurately maps CIS controls to NIST security control families. Note that some CIS controls may map to multiple NIST control families.
Sample Solution