Home » Downloads » What four (4) IT security controls do you find the most important

What four (4) IT security controls do you find the most important

What four (4) IT security controls do you find the most important

Q1: Security Control Frameworks

When performing a gap analysis, one must have an understanding of the desired future or “to be” state. For cybersecurity focused gap analyses, we frequently use IT security controls as the framework for describing the “to be” (or “should be”) state. There are a variety of guidance documents which list and define sets of security controls.

If you look at multiple sources, e.g. NIST, SANS, CSIS, you will see that IT controls come in a variety of “flavors”. Some sources use the People, Process, and Technologyscheme to organize and define controls. Other sources define controls (safeguards) in terms of the phases of information security to which they apply (e.g, Preventive controls, Detective controls, Deterrent controls, Corrective controls (used in the Response or remediation phases)). A third framework which you used in earlier courses (CSIA 413) is “administrative or managerial, operational, and technical” controls.

Research and select a control grouping framework then populate the framework with some examples of the actual controls. Provide your rational as to why you selected your framework and identify an industry or industry vertical to which your framework is most applicable.

https://www.brighthubpm.com/methods-strategies/74370-performing-a-gap-analysis-where-do-you-begin/

https://www.brighthubpm.com/methods-strategies/76008-looking-for-gaps-walking-through-a-sample-analysis/

https://www.brighthubpm.com/templates-forms/75993-gap-analysis-flow-chart-creating-a-visual-representation-of-your-data/

https://www.brighthubpm.com/six-sigma/47750-how-is-a-gap-analysis-used-in-the-six-sigma-process/

https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-53Ar4.pdf

Q2: Controlling the Uncontrollable

What four (4) IT security controls do you find the most important? Why? Do you consider anything related to process or policy a real or actual “safeguard?” Why? Why not?

Note: Use NIST SP 800-53 (see Week below links) as your source for security controls definitions for this discussion question.

https://www.nccoe.nist.gov/sites/default/files/library/sp1800/fs-itam-nist-sp1800-5a-draft.pdf

https://www.nccoe.nist.gov/sites/default/files/library/sp1800/fs-itam-nist-sp1800-5b-draft.pdf

Answer preview to what four (4) IT security controls do you find the most important

What four (4) IT security controls do you find the most important

APA

624 words

Get instant access to the full solution from yourhomeworksolutions by clicking the purchase button below

Accounting

Applied Sciences

Article Writing

Astronomy

Biology

Business

Calculus

Chemistry

Communications

Computer Science

Counselling

Criminology

Economics

Education

Engineering

English

Environmental

Ethics

Film

Food and Nutrition

Geography

Healthcare

History and Government

Human Resource Managment

Information Systems

Law

Literature

Management

Marketing

Mathematics

Nursing

Philospphy

Physics

Political Science

Psychology

Religion

Sociology

Statistics

Writing

Terms of service

IntaSend Secure Payments (PCI-DSS Compliant) Secured by IntaSend Payments

Contact