User Account

All Pages

Key elements as part of the risk management framework

Assignment Help Management Theories
Reference no: EM13767461

Introduction:

The National Institute of Standards and Technology (NIST) replaced the former NIST Special Publication 800-37, Guide for the Security Certification and Accreditation of Federal Information Systems with NIST Special Publication 800-37 Revision 1, Guide for Applying Risk Management Framework to Federal Information Systems: A Security Life Cycle Approach. The NIST document changed from a certification and accreditation framework to a risk management framework because information security management systems should be regularly reviewed, updated, and maintained. It makes more sense to follow a security life cycle approach (continuous monitoring) versus a single one-time static certification/accreditation approach.

For this task, you will be using NIST Special Publication 800-37 Revision 1, Guide for Applying Risk Management Framework to Federal Information Systems: A Security Life Cycle Approach and the attached "Healthy Body Wellness Center Risk Assessment" case study.

You have been hired to apply the NIST's risk management framework to the Healthy Body Wellness Center's information systems. You know that the organization has recently had a risk assessment completed that includes recommendations for implementing security controls and mitigating risks. In your new role, a team of people will be assigned to help you with the task. The first job you are tasked with is creating a to-do list for the specific tasks outlined in each of the six steps in the risk management framework (RMF).

Task:

A. Discuss key elements that need to be addressed as part of the risk management framework by completing the attached "RMF To-Do List."

B. Create a white paper that compares the ISO 27002, COBIT, NIST, and ITIL frameworks by doing the following:

1. Discuss how each framework is most commonly used.
2. Analyze the purpose of each framework design.
3. Evaluate the strengths of each framework.
4. Evaluate the weaknesses of each framework.
5. Discuss the certification and accreditation process for the frameworks.
6. Discuss when you would choose to use each framework (e.g., ISO 27002 versus COBIT, NIST, or ITIL).

C. When you use sources, include all in-text citations and references in APA format.

Reference no: EM13767461

Questions Cloud

Glacial period related problem : What do you think the effects on humans will be if the climate continues to warm precipitously?
Approximate the probability that at most will be defective : A manufacturing process produces semiconductor chips with a known failure rate of .If a random sample of chips is selected, approximate the probability that at most will be defective.Use the normal approximation to the binomial with a correction for ..
The risk assessment for the health body wellness center : The risk assessment for the Health Body Wellness Center has already been conducted. Your task is to define the ISMS scope for the Healthy Body Wellness Center and make recommendations for implementing the resulting ISMS plan.
Independent issues concerning the capital stock : Respond to the following independent issues concerning the capital stock of corporations in your initial post:
Key elements as part of the risk management framework : Discuss key elements that need to be addressed as part of the risk management framework by completing the attached "RMF To-Do List."
Taxation research and communication : The current tax law system in the United States has emerged over many years from statutory, administrative, and judicial sources. These sources are continually changing and new laws are introduced at least annually.
An llc or a shareholder of a corporation. : A limited liability partnership (LLP) is a type of general partnership that most states now permit. There is a very important distinction, however, between an LLP and an LLC; in an LLP, the partners are not liable for the debts of the partnership. Ho..
Global digital ethical issues : The purpose of this assignment is to analyze a current event article about global digital ethical issues from a multi-national corporation perspective. This assignment is designed to increase your knowledge from a corporate viewpoint and enable yo..
The composition of the solar system : Explain how the processes of plate tectonics act to make metals and minerals usable for us.

Reviews

Write a Review

 

Management Theories Questions & Answers

  Obtain permanent financing

Obtain permanent financing.

  How many shares of gentry shoe can lauren purchase

How many shares of Gentry Shoe can Lauren purchase using the maximum allowable margin?

  Choosing a performance measurement approach at paychex

Choosing a Performance Measurement Approach at Paychex

  Information security program management

What is the importance of "policy" with respect to information security program management? What is the role of policy enforcement?

  How well does zara advantage travel globally

Was Galicia/Spain a good place to start a company like ZARA? How well does ZARA’s advantage travel globally?

  Account when working in multiple nations

Considerations an American based organization needs to take into account when working in multiple nations with vastly different employment laws.

  Theoretical framework

Theoretical framework

  Merit system principles and prohibited personnel practices

Merit system principles and prohibited personnel practices are actually fairly complicated to understand and far from obvious in their logical restrictions. Depending on one's government affiliation either as a local, or federal worker, there are a v..

  Describe the situation using theory

Specific problem with that organization and describe the situation using theory - Diagnose the problem using theory

  Lorenz built a house on the land

Lorenz built a house on the land

  Decision making subject

For the decision making subject, just choose a product or brand on the market and follow the guide line yeah and at he end we need to make the survey questionaire and the ppt

  Predict typical security problems your selected

consider the ethics and security measures from all perspectives e.g. the employees the customers and the organization

Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

Submit Assignment

Academics

Major Subjects

Majors

Get In Touch

whatsapp: +1-415-670-9521

Phone: +1-415-670-9521

Email: [email protected]

TERMS & POLICIES

HELP & SUPPORT

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd