Evaluate the weaknesses of each framework

Reference no: EM13761231

The National Institute of Standards and Technology (NIST) replaced the former NIST Special Publication 800-37, Guide for the Security Certification and Accreditation of Federal Information Systems, with NIST Special Publication 800-37 Revision 1, Guide for Applying the Risk Management Framework to Federal Information Systems: A Security Life Cycle Approach. The NIST document changed from a certification and accreditation framework to a risk management framework because information security management systems should be regularly reviewed, updated, and maintained. It makes more sense to follow a security life cycle approach (continuous monitoring) than a single, one-time, static certification/accreditation approach.

For this task, you will be using NIST Special Publication 800-37 Revision 1, Guide for Applying the Risk Management Framework to Federal Information Systems: A Security Life Cycle Approach, and the attached "Healthy Body Wellness Center Risk Assessment" case study.

You have been hired to apply NIST's risk management framework to the Healthy Body Wellness Center's information systems. You know that the organization has recently had a risk assessment completed that includes recommendations for implementing security controls and mitigating risks. In your new role, a team of people will be assigned to help you with the task. The first job you are tasked with is creating a to-do list for the specific tasks outlined in each of the six steps in the risk management framework (RMF).

Task:

A. Discuss key elements that need to be addressed as part of the risk management framework by completing the attached "RMF To-Do List."

B. Create a white paper that compares the ISO 27002, COBIT, NIST, and ITIL frameworks by doing the following:

1. Discuss how each framework is most commonly used.

2. Analyze the purpose of each framework design.

3. Evaluate the strengths of each framework.

4. Evaluate the weaknesses of each framework.

5. Discuss the certification and accreditation process for the frameworks.

6. Discuss when you would choose to use each framework (e.g., ISO 27002 versus COBIT, NIST, or ITIL).

C. When you use sources, include all in-text citations and references in APA format.


All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd