Transcription of Appendix B: Mapping Cybersecurity Assessment Tool to NIST ...
{{id}} {{{paragraph}}}
Example: stock market
Appendix B: Mapping Cybersecurity Assessment Tool to NIST ...
June 2015 1 Appendix B: Mapping Cybersecurity Assessment Tool to NIST Cybersecurity Framework In 2014, the National Institute of Standards and Technology (NIST) released a Cybersecurity Framework for all sectors. The following provides a Mapping of the FFIEC Cybersecurity Assessment Tool ( Assessment ) to the statements included in the NIST Cybersecurity Framework. NIST reviewed and provided input on the Mapping to ensure consistency with Framework principles and to highlight the complementary nature of the two resources. As the Assessment is based on a number of declarative statements that address similar concepts across maturity levels, the Mapping references the first time the concept arises beginning with the lowest maturity level. As such, statements at higher levels of maturity may also map to the NIST Cybersecurity Framework. References for the NIST Cybersecurity Framework are provided by page number and, if applicable, by the reference code given to the statement by NIST.
Cybersecurity risk management is not formalized and risks are managed in an ad hoc and sometimes reactive manner. (p. 10) ... D1.RM.RMP.B.1:An information security and business continuity risk management function(s) exists within the ... Independent audit or review evaluates policies, procedures, and controls across the ...
Tags:
Information
Domain:
Source:
Link to this page:
Please notify us if you found a problem with this document: